Hi,
ipa-adtrust-install populates the ipaNTHash in LDAP for each user/group,
but you still need a samba backend to read these new attributes.
Do you use ipasam.so ?
If you don't, you should recompile your version of FreeIPA, move ipasam.so
to your password backend directory containing other .so fi
On Tuesday, January 17, 2017 2:09:08 PM CST Phil Ingram wrote:
> To whom this may concern,
>
> I use FreeIPA and I would like to create certificates for peer-to-peer and
> remote-access VPNs. In speaking with Fraser Tweedale, we agree that the
> best way forward is to create a secondary CA for ins
>> I have a pair of FreeIPA 4.4.0 servers setup whose forwarders are each set
>> to an
>> Active Directory domain controller. When a client attempts to lookup any DNS
>> record other than those to which FreeIPA is authoritative the client reports
>> NXDOMAIN and the FreeIPA server has the followi
Phil Ingram writes:
> I use FreeIPA and I would like to create certificates for peer-to-peer
> and remote-access VPNs.
I tried to replace may manual easy-CA certificates with FreeIPA ones,
but that didn't work out (but my fallback also broke). My "productive"
VPN connection for now is ocserv, bu
On 01/18/2017 02:57 PM, Harald Dunkel wrote:
On 01/17/17 11:38, Sumit Bose wrote:
On Tue, Jan 17, 2017 at 10:44:14AM +0100, Harald Dunkel wrote:
It seems something got corrupted in my ipa setup. I found this in the
sssd log file on Wheezy:
(Tue Jan 17 10:19:02 2017) [hbac_shost_attrs_to_rule]
Hi There,
Sorry could not get back on this earlier,
> Great, glad it's fixed! Are these VMs? If not, you may wish to
> (re?)configure automatic syncing.
yes these are AWS instances. How do I reconfigure auto syncing . Is there
a documentation I can follow.
Sorry, haven't done this before and
Thank you for your help.
On 2017.01.18. 10:21, Alexander Bokovoy wrote:
On ke, 18 tammi 2017, David Kupka wrote:
On 17/01/17 16:23, Georgijs Radovs wrote:
Hello everyone!
Is it possible to configure Sef-service permissions in FreeIPA in a
way,
so that, when regular users log in, they don't
On (17/01/17 11:38), Sumit Bose wrote:
>On Tue, Jan 17, 2017 at 10:44:14AM +0100, Harald Dunkel wrote:
>> It seems something got corrupted in my ipa setup. I found this in the
>> sssd log file on Wheezy:
>>
>> (Tue Jan 17 10:19:02 2017) [hbac_shost_attrs_to_rule] (0x0400): Processing
>> source ho
On 01/17/17 11:38, Sumit Bose wrote:
> On Tue, Jan 17, 2017 at 10:44:14AM +0100, Harald Dunkel wrote:
>> It seems something got corrupted in my ipa setup. I found this in the
>> sssd log file on Wheezy:
>>
>> (Tue Jan 17 10:19:02 2017) [hbac_shost_attrs_to_rule] (0x0400): Processing
>> source host
On 01/18/2017 08:13 AM, Harald Dunkel wrote:
Hi Ludwig,
On 01/17/17 17:01, Ludwig Krispenz wrote:
On 01/17/2017 04:48 PM, Harald Dunkel wrote:
On 01/17/17 16:12, Harald Dunkel wrote:
On 01/17/17 11:38, Sumit Bose wrote:
On Tue, Jan 17, 2017 at 10:44:14AM +0100, Harald Dunkel wrote:
It seem
On ke, 18 tammi 2017, David Kupka wrote:
On 17/01/17 16:23, Georgijs Radovs wrote:
Hello everyone!
Is it possible to configure Sef-service permissions in FreeIPA in a way,
so that, when regular users log in, they don't have read access to other
FreeIPA sections like "Policy", "Authentication",
On 17/01/17 16:23, Georgijs Radovs wrote:
Hello everyone!
Is it possible to configure Sef-service permissions in FreeIPA in a way,
so that, when regular users log in, they don't have read access to other
FreeIPA sections like "Policy", "Authentication", "IPA Server"...?
My goal is - when user l
12 matches
Mail list logo