On 11/04/2016 03:09 PM, Sebastien Julliot wrote:
> Hello everyone,
>
> As I explained you some time ago, I have been skirting the ipa's
> limitation to setting pre-hashed passwords by using ldappasswd. (I know
> you guys think it's wrong. In this case the hashes come from an other
> ldap which, fo
Hello,
I have a FreeIPA installation that is working very nicely, we already have
configured many hosts and so far we are quite happy with it.
I was trying to connect Ansible to fetch hosts from FreeIPA using the
freeipa.py script (
https://github.com/ansible/ansible/blob/devel/contrib/inventory/
On Fri, Nov 04, 2016 at 01:41:40PM +0200, Taras Drach wrote:
> Hello Sumit,
> I’ve tried to use this attr, but still no success
>
> Also I found the solutions where sss_ssh_authorizedkeys replaced with custom
> scripts for queuing ldap and get necessary attribute
> I think there is hardcoded “ssh
Hello everyone,
As I explained you some time ago, I have been skirting the ipa's
limitation to setting pre-hashed passwords by using ldappasswd. (I know
you guys think it's wrong. In this case the hashes come from an other
ldap which, for intern reasons, we can not synchronize with otherwise
than
On 11/04/2016 02:42 PM, Brian Candler wrote:
> On 04/11/2016 12:20, Petr Vobornik wrote:
>> You can check with what options authconfig was called by:
>> # cat /var/log/ipaclient-install.log | grep authconfig
>>
>> if --enablemkhomedir is not there then it is possible that something
>> else enabl
On 04/11/2016 12:20, Petr Vobornik wrote:
You can check with what options authconfig was called by:
# cat /var/log/ipaclient-install.log | grep authconfig
if --enablemkhomedir is not there then it is possible that something
else enabled it.
It's not there:
$ sudo cat /var/log/ipaclient-ins
On 04.11.2016 13:22, SOLER SANGUESA Miguel wrote:
Hello,
I’m updating the topic, because I have the same problem with:
$ ipa --version
VERSION: 4.2.0, API_VERSION: 2.156
On RHEL 7.2
For Opera and Chrome (latest versions) the pop up appears, but not in
Firefox (last version). The configur
Hello,
I'm updating the topic, because I have the same problem with:
$ ipa --version
VERSION: 4.2.0, API_VERSION: 2.156
On RHEL 7.2
For Opera and Chrome (latest versions) the pop up appears, but not in Firefox
(last version). The configuration is in /var/log/httpd/access_log:
...
# Protect /ipa
On 11/04/2016 12:52 PM, Brian Candler wrote:
> On 04/11/2016 11:32, Brian Candler wrote:
>>
>> I notice that both ipa-server-install and ipa-replica-install have the
>> following option:
>>
>> --mkhomedir create home directories for users on their first
>> login
>>
>> but I did not su
On 04/11/2016 11:32, Brian Candler wrote:
I notice that both ipa-server-install and ipa-replica-install have the
following option:
--mkhomedir create home directories for users on their
first login
but I did not supply this option in either case. I believe the actual
options I
Hello Sumit,
I’ve tried to use this attr, but still no success
Also I found the solutions where sss_ssh_authorizedkeys replaced with custom
scripts for queuing ldap and get necessary attribute
I think there is hardcoded “sshPublicKey" in sss_ssh_authorizedkeys.
Is there any other way to create s
I have set up freeipa using CentOS 7 and the default 4.2.0 packages.
I found that on the master, the user's home directory is created
automatically, but on the replicas it is not. Looking into the contents
of /etc/pam.d, the following files are different:
fingerprint-auth-ac
password-auth-ac
On Fri, Nov 04, 2016 at 11:04:28AM +, James Harrison wrote:
> Hello,
> I've installed FreeIPA 4.2 master using Centos and I have a Windows 2012R2
> with its AD schema emulating a Windows 2012 system
> I have established a trust between the two and it appears to work. I can
> reference a user
Hello,
I've installed FreeIPA 4.2 master using Centos and I have a Windows 2012R2 with
its AD schema emulating a Windows 2012 system
I have established a trust between the two and it appears to work. I can
reference a user on the AD domain, but the only way is to add the AD domain.
The only way
On Thu, Nov 03, 2016 at 05:23:06PM +0200, Taras Drach wrote:
> Thank for reply,
>
> Unfortunately sssd won’t start with this configuration
>
> Here is part of log
>
> (Thu Nov 3 15:16:40 2016) [sssd[be[ipa.test.loc]]] [sdap_extend_map]
> (0x0200): 1 extra attributes
> (Thu Nov 3 15:16:40 2016
15 matches
Mail list logo