Re: [Freeipa-users] server 1 and server 2 cannot replicate now may be ssl cert expire

2016-05-08 Thread barrykfl
Hello Barry, Can you provide more info? What is your IPA version, OS? CENTOS 6.5 server1 - ipa-server-3.0.0-47.el6.centos.2.x86_64 server 2 - ipa-server-3.0.0-37.el6.x86_64 What are the symptoms you are experiencing? server1 's update not transfer to server 2 but server 2 can transfer to

Re: [Freeipa-users] server 1 and server 2 cannot replicate now may be ssl cert expire

2016-05-08 Thread Barry
Hello Barry, Can you provide more info? What is your IPA version, OS? CENTOS 6.5 server1 - ipa-server-3.0.0-47.el6.centos.2.x86_64 server 2 - ipa-server-3.0.0-37.el6.x86_64 What are the symptoms you are experiencing? server1 's update not transfer to server 2 but server 2 can

Re: [Freeipa-users] Duplicate serials in issued ipa certs

2016-05-08 Thread Fraser Tweedale
On Fri, May 06, 2016 at 11:33:10AM +, wouter.hummel...@kpn.com wrote: > Hello, > > I discovered today that our IPA CA has been issuing certs with duplicate > serials, causing issues in several ways when dealing with hosts that have > such a cert in place. (Complaints about duplicate

Re: [Freeipa-users] Who uses FreeIPA?

2016-05-08 Thread Alexandre de Verteuil
* Alexandre de Verteuil [2016-05-03 15:09] : > > Tomorrow I am giving a short presentation at my workplace to talk about > it and invite other sysadmins to try it. > > I would like to make a slide showing the current adoption of FreeIPA. I > read that Red Hat uses it

Re: [Freeipa-users] running ipa without local ntp on LXC (debian)

2016-05-08 Thread Peter Fern
On 05/08/16 21:32, Harald Dunkel wrote: > Hi folks, > > the freeipa packages for client and server on Debian depend > upon ntp. Is this hard requirement really necessary? Usually > ntp is useless in containers (e.g. LXC), since the hardware > access is not permitted and since there is exactly one

[Freeipa-users] running ipa without local ntp on LXC (debian)

2016-05-08 Thread Harald Dunkel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi folks, the freeipa packages for client and server on Debian depend upon ntp. Is this hard requirement really necessary? Usually ntp is useless in containers (e.g. LXC), since the hardware access is not permitted and since there is exactly one