Hi Christopher,
thanks very much for your help, I appreciate it. I will reconfigure our Jira
and see how it works out.
-Ursprüngliche Nachricht-
Von: Christopher Lamb [mailto:christopher.l...@ch.ibm.com]
Gesendet: Montag, 29. Juni 2015 16:08
An: Alexander Bokovoy; Moj, Markus; Martin K
Thank you for reply.
# rpm -q 389-ds-base ipa-server slapi-nis
389-ds-base-1.3.3.1-16.el7_1.x86_64
ipa-server-4.1.0-18.el7_1.3.x86_64
slapi-nis-0.54-3.el7_1.x86_64
Okay, we will try to get it if it will happens again
WBR,
Alexander Frolushkin
Cell +79232508764
Work +79232507764
From: freeipa-us
HI Simo,
Thanks for the reply. Could you please elaborate or point me to some
documentation on how to set this up.
What I want to be able to achieve is that a user should login with a 2FA
once a day and all subsequent logins are allowed thru public key only.
Regards.
--Prashant
On 30 June 2015
2015-07-01 3:51 GMT+08:00 Lukas Slebodnik :
> End of life for Fedora 18 was 2014-01-14.
> See https://fedoraproject.org/wiki/End_of_life
>
> Could you try to upgrade to recent release (fedora 21)?
> If you did not want to upgrade very often then it would
> be better to use distribution with longe
Thank you so much, that was it - just a wrong command. Appreciate the help and
quick response.
From: Simo Sorce
To: sipazzo
Cc: Freeipa-users
Sent: Tuesday, June 30, 2015 12:39 PM
Subject: Re: [Freeipa-users] keytab issue with service principal
On Tue, 2015-06-30 at 19:34 +,
Thank you, I had tried it both ways with same results. Just misunderstood
documentation I guess so tried the -S to try to force it to use the service
keytab for authentication.
kinit -k -t /opt/oracle/admin/oracledb.keytab
kinit: Keytab contains no suitable keys for
host/oracledbsrvr.example...
On (30/06/15 11:17), Umarzuki Mochlis wrote:
>Every once in a week suddenly IPA service would failed and only
>realized when zimbra that using authentication with it failed during
>user log in.
>
>So I had to type in below commands one by one each time this happened.
>
>systemctl start dirsrv@DOMAI
On Tue, 2015-06-30 at 19:34 +, sipazzo wrote:
> Output of klist -kt is
> KVNO Timestamp Principal
> -
>
>2 06/30/15 17:12:13 oracledb/oracledbsrvr.example@example.com
>2 06/30/15 17:12:13 oracled
Output of klist -kt is
KVNO Timestamp Principal
-
2 06/30/15 17:12:13 oracledb/oracledbsrvr.example@example.com
2 06/30/15 17:12:13 oracledb/oracledbsrvr.example@example.com
2 06/30/15 17:12:13 o
- Original Message -
> I am trying to troubleshoot kerberos authentication for an oracle service
> (oracledb) and getting the following error when testing the service keytab
> on the database server (oracledbsrvr):
>
> oracle@oracledbsrvr ~]# kinit -kt /opt/oracle/admin/oracledb.keytab -
On Tue, 2015-06-30 at 18:44 +, sipazzo wrote:
> I am trying to troubleshoot kerberos authentication for an oracle service
> (oracledb) and getting the following error when testing the service keytab on
> the database server (oracledbsrvr):
> oracle@oracledbsrvr ~]# kinit -kt /opt/oracle/admin
I am trying to troubleshoot kerberos authentication for an oracle service
(oracledb) and getting the following error when testing the service keytab on
the database server (oracledbsrvr):
oracle@oracledbsrvr ~]# kinit -kt /opt/oracle/admin/oracledb.keytab -S
oracledb/oracledbsrvr.example.com
kin
- Original Message -
>
> > On 30 Jun 2015, at 17:29, Alexander Bokovoy wrote:
> >
> > - Original Message -
> >> If I load the keytab for Samba: kinit -t /etc/samba/samba.keytab
> >> cifs/ipa02.XXX@XXX
> >> Then run the query using GSSAPI - I get no results!
> >>
> >> [...]
> >
> On 30 Jun 2015, at 17:29, Alexander Bokovoy wrote:
>
> - Original Message -
>> If I load the keytab for Samba: kinit -t /etc/samba/samba.keytab
>> cifs/ipa02.XXX@XXX
>> Then run the query using GSSAPI - I get no results!
>>
>> [...]
>>
>> Even stranger, if I split the OR filter and o
- Original Message -
> Hi,
>
> I’ve started playing around with Samba shared on an IPA server running 4.1.0
> (CentOS 7 latest as of 30-06-2015).
> I’m having an issue with performance - it seems to connect to ldap almost 10
> times for every file operation to try lookup a group - and th
On 06/29/2015 10:08 PM, Alexander Frolushkin wrote:
Hello.
What does message
NSMMReplicationPlugin -
agmt="cn=cloneAgreement1-host1.domain.com-pki-tomcat" (host2:389):
Unable to acquire replica: the replica instructed us to go into
backoff mode. Will retry later.
mean?
A lot of these mes
Hi,
I’ve started playing around with Samba shared on an IPA server running 4.1.0
(CentOS 7 latest as of 30-06-2015).
I’m having an issue with performance - it seems to connect to ldap almost 10
times for every file operation to try lookup a group - and the lookup fails.
On another system running
Hi,
389-ds allows to configure the max size of the replication changelog
either by setting a maximum record number or a maximum age of changes.
freeIPA does not use this setting. In the context of ticket
https://fedorahosted.org/freeipa/ticket/5086 we are discussing to change
the default to
e
On Tue, 2015-06-30 at 10:06 +0200, Sumit Bose wrote:
> On Tue, Jun 30, 2015 at 09:31:55AM +0200, Jakub Hrozek wrote:
> > On Tue, Jun 30, 2015 at 09:22:13AM +0200, Sumit Bose wrote:
> > > On Tue, Jun 30, 2015 at 09:09:19AM +0200, Jakub Hrozek wrote:
> > > > On Tue, Jun 30, 2015 at 11:34:55AM +0530,
On 29.6.2015 18:33, Matt . wrote:
> Hi Petr,
>
> No problem at all! I can remove/move things easily... but this
> splitbrain really makes these 2 networks standing on their own, which
> is what I need.
>
> Both are provisioned but not all the same. It gives me the flexibility
> we need, that's wh
> Could you please provide the content of logfile:
> `/var/log/pki/pki-tomcat/ca/debug', around the time the error
> occurs?
>
> Thanks,
> Fraser
When the pki-tomcatd service is trying to start, I see this message in
/var/log/pki/pki-tomcat/ca/debug
[30/Jun/2015:10:02:13][localhost-startStop-1
On Tue, Jun 30, 2015 at 09:31:55AM +0200, Jakub Hrozek wrote:
> On Tue, Jun 30, 2015 at 09:22:13AM +0200, Sumit Bose wrote:
> > On Tue, Jun 30, 2015 at 09:09:19AM +0200, Jakub Hrozek wrote:
> > > On Tue, Jun 30, 2015 at 11:34:55AM +0530, Prashant Bapat wrote:
> > > > Hi,
> > > >
> > > > I was able
On Mon, Jun 29, 2015 at 07:37:31PM +0200, Alexandre Ellert wrote:
> Hello,
>
> I have a problem on a replica server running Centos 7.1 and ipa
> 4.1.0-18.el7.centos.3.x86_64 (last version)
> Ipa server doesn’t restart correctly (using systemctl restart ipa or reboot
> the whole server) :
> # ipa
On Tue, Jun 30, 2015 at 09:22:13AM +0200, Sumit Bose wrote:
> On Tue, Jun 30, 2015 at 09:09:19AM +0200, Jakub Hrozek wrote:
> > On Tue, Jun 30, 2015 at 11:34:55AM +0530, Prashant Bapat wrote:
> > > Hi,
> > >
> > > I was able to set this up in a Fedora instance with SSSD and it works as
> > > expec
On Tue, Jun 30, 2015 at 11:34:55AM +0530, Prashant Bapat wrote:
>
> I was able to set this up in a Fedora instance with SSSD and it works as
> expected. SSHD first uses the public key and then prompts for password
> which is ofcourse password+OTP.
>
> However, having a user enter the password+OTP
On Tue, Jun 30, 2015 at 09:09:19AM +0200, Jakub Hrozek wrote:
> On Tue, Jun 30, 2015 at 11:34:55AM +0530, Prashant Bapat wrote:
> > Hi,
> >
> > I was able to set this up in a Fedora instance with SSSD and it works as
> > expected. SSHD first uses the public key and then prompts for password
> > wh
On Tue, Jun 30, 2015 at 11:34:55AM +0530, Prashant Bapat wrote:
> Hi,
>
> I was able to set this up in a Fedora instance with SSSD and it works as
> expected. SSHD first uses the public key and then prompts for password
> which is ofcourse password+OTP.
>
> However, having a user enter the passwo
27 matches
Mail list logo