Re: [Freeipa-users] sendmail.schema

Hi Martin, thank you for your advice. Now I solved this myself with the following procedure: I followed the page https://www.madboa.com/geek/ldap-aliases/ https://www.madboa.com/geek/ldap-aliases/ in a minimal invasive schema update for the freeipa directory server: ldapmodify -x -D

Re: [Freeipa-users] ns-slapd high cpu usage

On Wed, Jul 15, 2015 at 04:58:23PM +0200, Ludwig Krispenz wrote: On 07/15/2015 04:10 PM, Andrew E. Bruno wrote: On Wed, Jul 15, 2015 at 03:22:51PM +0200, Ludwig Krispenz wrote: On 07/14/2015 08:59 PM, Andrew E. Bruno wrote: On Tue, Jul 14, 2015 at 04:52:10PM +0200, Ludwig Krispenz wrote:

Re: [Freeipa-users] Reverse DNS and Forwarding

On Wednesday, July 15, 2015, Martin Basti mba...@redhat.com wrote: On 14/07/15 19:12, Nevada Sanchez wrote: I have FreeIPA setup as our primary DNS on an AWS VPC. I setup global forwarding ('Forward First') so that it will forward queries to Amazon's DNS, and then fall back on IPA if it

[Freeipa-users] CIFS share with no active directory

Hi, My question is quite simple, yet I didn't find any answer on the Internet regarding how to do it :) How can I configure a linux samba server to use FreeIPA for authentication, without having clients to join an active directory domain when using Windows 8? I followed this article :

Re: [Freeipa-users] ipa-replica-prepare error

On 07/14/2015 11:53 PM, Jan Cholasta wrote: Hi, Dne 10.7.2015 v 22:33 Orion Poplawski napsal(a): On 07/08/2015 11:31 AM, Orion Poplawski wrote: But then when I go to make a replica: # ipa-replica-prepare ipa1.nwra.com --dirsrv_pkcs12=nwra.com.p12 --dirsrv_pin=XX

Re: [Freeipa-users] AD users not visible in FreeIPA mapped group

On Wed, Jul 15, 2015 at 01:09:42PM -0700, Angelo Pantano wrote: SSSD is able to evaluate group membership, but if for instance I create a view for my user and I add a ssh public key I can only use it to login passwordless in the IPA server, not on an IPA client. The password still works, but I

Re: [Freeipa-users] ns-slapd high cpu usage

On Wed, Jul 15, 2015 at 03:22:51PM +0200, Ludwig Krispenz wrote: On 07/14/2015 08:59 PM, Andrew E. Bruno wrote: On Tue, Jul 14, 2015 at 04:52:10PM +0200, Ludwig Krispenz wrote: hm, the stack traces show csn_str, which correspond to Jul,8th, Jul,4th, and Jul,7th - so it looks like it is

Re: [Freeipa-users] ns-slapd high cpu usage

On 07/14/2015 08:59 PM, Andrew E. Bruno wrote: On Tue, Jul 14, 2015 at 04:52:10PM +0200, Ludwig Krispenz wrote: hm, the stack traces show csn_str, which correspond to Jul,8th, Jul,4th, and Jul,7th - so it looks like it is iterating the changelog over and over again. Th consumer side Is

Re: [Freeipa-users] Reverse DNS and Forwarding

On 15/07/15 15:07, Nevada Sanchez wrote: On Wednesday, July 15, 2015, Martin Basti mba...@redhat.com mailto:mba...@redhat.com wrote: On 14/07/15 19:12, Nevada Sanchez wrote: I have FreeIPA setup as our primary DNS on an AWS VPC. I setup global forwarding ('Forward First') so that

Re: [Freeipa-users] reverse lookup dns records in trust setup

On 14.7.2015 15:19, John Stein wrote: Hi, What I meant was that the IPA server is managing two zones: Linux.john.com Which has these records Ipa1 A 192.168.0.140 client1 A 192.168.0.11 0.168.192.in-addr.arpa. Which has these records 11 PTR client1.linux.john.com @ NS

Re: [Freeipa-users] ns-slapd high cpu usage

On 07/15/2015 04:10 PM, Andrew E. Bruno wrote: On Wed, Jul 15, 2015 at 03:22:51PM +0200, Ludwig Krispenz wrote: On 07/14/2015 08:59 PM, Andrew E. Bruno wrote: On Tue, Jul 14, 2015 at 04:52:10PM +0200, Ludwig Krispenz wrote: hm, the stack traces show csn_str, which correspond to Jul,8th,