Hi
I'm unable to login via ssh to an ipa client or server as the admin user or a
new user. This a new installation of the ipa server and clients.
I've saved some of the error messages:
I created a test user (tuser). I was able to su - tuser successfully. I was
not able to ssh to the master
On 03/12/2016 04:47 PM, Brad Bendy wrote:
> Hi,
>
> YubiKey supports HOTP it appears, but im having a heck of a time
> getting the token to add FreeIPA. The YubiKey tool gives me the OATH
> Token which is 6 bytes and the secret key in 20 bytes hex. Ive entered
> the secret key and OATH token into
On Wed, 16 Mar 2016, Nathaniel McCallum wrote:
On Wed, 2016-03-16 at 14:31 +0100, Martin Kosek wrote:
On 03/12/2016 04:47 PM, Brad Bendy wrote:
>
> Hi,
>
> YubiKey supports HOTP it appears, but im having a heck of a time
> getting the token to add FreeIPA. The YubiKey tool gives me the
> OATH
>
Hi Jeff
As far as I can see, your command looks ok (though I don't know what your
dn should look like).
Did you run the "kinit admin" command before?
When I was doing the Samba + FreeIPA integration I found using an LDAP
browser (Apache Directory Studio) very useful to visualise the LDAP
I have enabled debugging withdebug_level = 7 in sssd.conf
Receive following error messages:Marking server 'ipa-server' as 'name
resolved'[be_resolve_server_process] (0x0200): Found address for server
ipa-server
[get_port_status] (0x1000): Port status of port 389 for server 'ipa-server' is
'not
client cant ssh - any ideas
ssh di...@xxx.xxx.xxx.xxx
di...@xxx.xxx.xxx.xxx's password:
Permission denied, please try again.
di...@xxx.xxx.xxx.xxx's password:
cat sssd/sssd_somehost.com.log
(Thu Mar 17 02:44:30 2016) [sssd[be[somehost.com]]] [krb5_auth_store_creds]
(0x0010): unsupported PAM
Found the syntax error. Apparently the DN is:
dn:cn=ipaconfig,cn=etc,dc=internal,dc=emerlyn,dc=com rather than
dn:cn=etc,cn=ipaconfig,dc=internal,dc=emerlyn,dc=com
On Fri, Mar 18, 2016 at 11:35 AM, Christopher Lamb <
christopher.l...@ch.ibm.com> wrote:
> Hi Jeff
>
> When I last integrated
Stephen Ingram wrote:
I've run into a problem on a v3 IPA where several certificates did not
renew automatically with certmonger. I'm now, of course stuck and trying
to renew the certificates manually. I've managed to renew the WebUI
cert, and now onto the pki-ca certificate in the
I've run into a problem on a v3 IPA where several certificates did not
renew automatically with certmonger. I'm now, of course stuck and trying to
renew the certificates manually. I've managed to renew the WebUI cert, and
now onto the pki-ca certificate in the /var/lib/pki-ca/alias NSS store. I'm
Hi Jeff
When I last integrated FreeIPA and Samba I used ldapmodify to successfully
add sambaSAMAccount and sambaGroupMapping.
ldapmodify -Y GSSAPI <
To: freeipa-users@redhat.com
Date: 18.03.2016 16:11
Subject:[Freeipa-users] Trouble creating userobjectlass sambaSAMAccount
Sent
On 15/03/16 17:22, Rob Crittenden wrote:
lejeczek wrote:
On 15/03/16 14:14, lejeczek wrote:
On 15/03/16 13:42, Rob Crittenden wrote:
lejeczek wrote:
On 14/03/16 17:06, Rob Crittenden wrote:
lejeczek wrote:
with...
ipa: ERROR: group LDAP search did not return any
result (search base:
On (19/03/16 10:38), Harald Dunkel wrote:
>On 03/16/16 14:43, Lukas Slebodnik wrote:
>> On (16/03/16 14:30), Harald Dunkel wrote:
>>> (Wed Mar 16 13:25:05 2016) [sssd] [sbus_add_watch] (0x2000):
>>> 0xb3e070/0xb3dda0 (14), R/- (enabled) (Wed Mar 16 13:25:05 2016) [sssd]
>>> [get_ping_config]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 03/16/16 14:43, Lukas Slebodnik wrote:
> On (16/03/16 14:30), Harald Dunkel wrote:
>> (Wed Mar 16 13:25:05 2016) [sssd] [sbus_add_watch] (0x2000):
>> 0xb3e070/0xb3dda0 (14), R/- (enabled) (Wed Mar 16 13:25:05 2016) [sssd]
>> [get_ping_config]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Jakub,
On 03/16/16 09:30, Jakub Hrozek wrote:
>
> If you can reproduce the issue, it would be nice to increase the debug_level
> a bit so that the debug logs are more verbose..
>
Using debug level 9 I got
(Wed Mar 16 13:24:57 2016) [sssd]
Christopher,
Thank you for the response. IT seems my syntax is still not correct. HEre
is the command and output I received:
[root@id-management-1 ~]# ldapmodify -Y GSSAPI < wrote:
> Hi Jeff
>
> When I last integrated FreeIPA and Samba I used ldapmodify to successfully
> add sambaSAMAccount and
On (16/03/16 14:30), Harald Dunkel wrote:
>Hi Jakub,
>
>On 03/16/16 09:30, Jakub Hrozek wrote:
>>
>> If you can reproduce the issue, it would be nice to increase the debug_level
>> a bit so that the debug logs are more verbose..
>>
>
>Using debug level 9 I got
>
>(Wed Mar 16 13:24:57 2016)
Hi
The following error occurs when I ssh to an ipa client:
/usr/bin/sss_ssh_knownhostsproxy: /cots/gnu/samba/lib/libtevent.so.0: no
version information available (required by /usr/lib64/sssd/libsss_util.so)
/usr/bin/sss_ssh_knownhostsproxy: /cots/gnu/samba/lib/libtevent.so.0: no
version
17 matches
Mail list logo
