Re: [Freeipa-users] user delete command hangs kdc and ldap stop responding

On 09/18/2015 12:24 AM, HECTOR LOPEZ wrote: This is rhel 7.1 with ipa version 4.1.0 user-show shows the user. However, if the user contains ipaNTSecurityIdentifier: attribute, user-del hangs with no response. Meanwhile, the KDC and 389ds stop working. The only way to recover functionality

[Freeipa-users] Add custom script

Hi, iam looking for a possibility to add custom script which will be executed after creating a new user. Iam using the latest release of FreeIPA 4.2 from COPR in Fedora 22. I found this post in the archive from 2011: https://www.redhat.com/archives/freeipa-users/2011-September/msg00076.html

Re: [Freeipa-users] rhel 6.7 upgrade - sssd/sudo

On Thu, Sep 17, 2015 at 11:42:54AM +, Andy Thompson wrote: > I've narrowed it down a bit doing some testing. The sudo rules work when I > remove the user group restriction from them. My sudo rules all have my ad > groups in the rule > > Rule name: ad_linux_admins > Enabled: TRUE >

[Freeipa-users] Custom scripts

Hi, iam looking for a possibility to add custom script which will be executed after creating a new user. Iam using the latest release of FreeIPA 4.2 from COPR in Fedora 22. I found this post in the archive from 2011: https://www.redhat.com/archives/freeipa-users/2011-September/msg00076.html

[Freeipa-users] Add custom script

Hi, Sorry, my last post was with wrong link. iam looking for a possibility to add custom script which will be executed after creating a new user. Iam using the latest release of FreeIPA 4.2 from COPR in Fedora 22. I found this post in the archive:

Re: [Freeipa-users] 4.1 -> 4.2

Good to hear! Feedback is very welcome :-) On 09/17/2015 09:37 PM, Janelle wrote: > thank you - just downloaded the beta to check it out. > > ~J > > On 9/17/15 10:20 AM, Alexander Bokovoy wrote: >> On Thu, 17 Sep 2015, Janelle wrote: >>> Here is an interesting problem. Currently running 4.1 on

Re: [Freeipa-users] user delete command hangs kdc and ldap stop responding

Ludwig Krispenz, This is the output of gstack on ns-slapd (pstack on rhel), also killing the ns-slapd proces gave this error "ipa: ERROR: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-GSEIS-UCLA-EDU.socket': " After that I could use ipactl restart and the command runs successfully. Thank you

Re: [Freeipa-users] last step in retiring old RHEL 6 (IPA 3.0.0) servers

On 09/17/2015 06:19 PM, Craig White wrote: -Original Message- From: Petr Vobornik [mailto:pvobo...@redhat.com] Sent: Thursday, September 17, 2015 4:59 AM To: Martin Kosek; Craig White; freeipa-users@redhat.com; Jan Cholasta Subject: Re: [Freeipa-users] last step in retiring old RHEL 6

Re: [Freeipa-users] Red Hat 5 and 6 with IPA Client v. 4

I think I got it working. Solution in my case was to run following on client nodes: yum install sssd-1.12.4-47.el6.x86_64 And on IPA server for each Forward and Reverse lookup zone I ran: ipa dnszone-mod X.COM. --allow-sync-ptr=TRUE --dynamic-update=TRUE ipa dnszone-mod

Re: [Freeipa-users] ipaSshPubKey and ldapsearch

Sorry, my mistake. The following works fine: % ldapsearch -x -D 'uid=ldap_gitlab,cn=users,cn=accounts,dc=quartzbio,dc=com' -W uid=karl cn ipaSshPubKey Karl On Fri, Sep 18, 2015 at 3:13 PM, Karl Forner wrote: > Hello, > > I'm trying to integrate the freeIPA SSH public

[Freeipa-users] ipaSshPubKey and ldapsearch

Hello, I'm trying to integrate the freeIPA SSH public key with gitlab Enterprise Edition. They have a configuration setting **ldap_sync_ssh_keys** that I tried to set to 'ipaSshPubKey' but it does not work. While trying to understand the problem, I realized that I don't even know how to

Re: [Freeipa-users] rhel 6.7 upgrade - sssd/sudo

> -Original Message- > From: Jakub Hrozek [mailto:jhro...@redhat.com] > Sent: Friday, September 18, 2015 4:42 AM > To: Andy Thompson > Cc: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] rhel 6.7 upgrade - sssd/sudo > > On Thu, Sep 17, 2015 at

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Thu, Sep 17, 2015 at 10:33:41AM -0700, Gustavo Mateus wrote: > When I use id_provider=ipa I get: > > [sssd[be[default]]] [main] (0x0010): Could not initialize backend [2] Ah, I think they simply don't package the IPA backend. Time to file an RFE with Amazon? :-) > > > Adding a [ssh]

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

That only shows this: # extended LDIF # # LDAPv3 # base