On Thu, Feb 16, 2017 at 06:05:48PM -0500, William Muriithi wrote:
> David
>
>
> >
> > The fact that your desktops are using SSSD changes the situation
> > dramatically.
> >
> > SSSD (with ipa or krb5 provider) obtains ticket for user when he is
> > logging-in.
> > And can be configured to renew
On Thu, Feb 16, 2017 at 5:23 PM, Tiemen Ruiten wrote:
> @Jeff, I did see that on one of the existing masters the listener was
> configured to be "::1". I changed it to 127.0.0.1 but no difference. I
> commented the ::1 localhost entry in /etc/hosts on all three nodes, no
> difference either. My j
Hi Flo,
Sure I can, I will look through the steps closely tomorrow and will
create some lineup here.
Cheers,
Matt
2017-02-16 23:55 GMT+01:00 Florence Blanc-Renaud :
> On 02/16/2017 09:55 PM, Matt . wrote:
>>
>> Hi Flo! (if I may call you like that, saves some characters in typing
>> but with th
David
>
> The fact that your desktops are using SSSD changes the situation dramatically.
>
> SSSD (with ipa or krb5 provider) obtains ticket for user when he is
> logging-in.
> And can be configured to renew the ticket for the user until the ticket renew
> life time expires.
>
> Given this you c
On 02/16/2017 09:55 PM, Matt . wrote:
Hi Flo! (if I may call you like that, saves some characters in typing
but with this extra line it doesn't anymore :))
This works perfectly, thank you very much.
Hi Matt,
glad I could help. What did you do differently that could explain the
failure, thoug
Hi Flo! (if I may call you like that, saves some characters in typing
but with this extra line it doesn't anymore :))
This works perfectly, thank you very much.
No questions further actually :)
Cheers,
Matt
2017-02-16 11:17 GMT+01:00 Florence Blanc-Renaud :
> On 02/15/2017 05:40 PM, Matt . wro
Tommy Nikjoo writes:
> I'm having some issues with 2FA PAM config's on Ubuntu clients.
> Currently, I'm guessing that the PAM module doesn't know how to talk to
> the 2FA protocol. Is anyone able to give an in site into how to get
> this working correctly?
You may need to fix /etc/pam.d/common
@Martin: No messages are generated in the errors log during the failed
replica install, there are some warnings, but they are generated at
different times and they don't look related.
@Jeff, I did see that on one of the existing masters the listener was
configured to be "::1". I changed it to 127.
Hello,
I'm trying to add a third replica to a FreeIPA 4.4 domain (level 1), but
I'm getting this error:
[tiemen@copernicum ~]$ sudo ipa-replica-install -P admin -w "XX"
> --mkhomedir --setup-dns --forwarder 8.8.8.8 --forwarder 8.8.4.4
> Checking DNS forwarders, please wait ...
> Run conne
On 16.02.2017 17:21, Tiemen Ruiten wrote:
Hello,
I'm trying to add a third replica to a FreeIPA 4.4 domain (level 1),
but I'm getting this error:
[tiemen@copernicum ~]$ sudo ipa-replica-install -P admin -w
"XX" --mkhomedir --setup-dns --forwarder 8.8.8.8
--forwarder 8.8.
Might be another instance of this:
https://fedorahosted.org/freeipa/ticket/6613
Jeff
On Thu, Feb 16, 2017 at 11:21 AM, Tiemen Ruiten
wrote:
> Hello,
>
> I'm trying to add a third replica to a FreeIPA 4.4 domain (level 1), but
> I'm getting this error:
>
> [tiemen@copernicum ~]$ sudo ipa-replica
Alexandr Slavov wrote:
> Thanks for your response.
> I was added custom ErrorLogFormat , but not resolved.
> I think this is python output information.
>
> Can your have any idea?
>
> Where can I open ticket about add this?
For the short term https://fedorahosted.org/freeipa/newticket
You ne
Thanks for your response.
I was added custom ErrorLogFormat , but not resolved.
I think this is python output information.
Can your have any idea?
Where can I open ticket about add this?
Alexandr Slavov wrote:
> Hello all.
> We use CentOS 7 ,FreeIPA 4.4, Apache 2.4
> We installed audit s
On Mon, Nov 28, 2016 at 03:09:51PM +, Deepak Dimri wrote:
> Hi Jan, sorry to ask but where exactly i can modify the referer with
> RequestHeader on IPA Server?
>
I've now described the load-balancing setup for WebUI with FreeIPA
replicas at
https://www.adelton.com/freeipa/freeipa-b
Alexandr Slavov wrote:
> Hello all.
> We use CentOS 7 ,FreeIPA 4.4, Apache 2.4
> We installed audit system like
> http://www.freeipa.org/page/Centralized_Logging for monitoring "Who's
> What's Doing".
> Audit system parsing /var/log/httpd/error_log and logging to Elasticsearch.
>
> Some string fo
Thank you very much Ludwig, that worked. I had to do a ldapdelete -r
(recursive) to remove a few containers which apparently had some tombstone
entries in them. Domain is now running at level 1!
On 16 February 2017 at 13:58, Ludwig Krispenz wrote:
>
> On 02/16/2017 01:32 PM, Tiemen Ruiten wrote:
On Thu, Feb 16, 2017 at 07:54:47AM -0500, William Muriithi wrote:
> Morning David,
>
> Thank you very much for your help.
>
> > first you're mentioning "key expiry" but if I understand correctly you're
> > interested in "ticket lifetime".
> Yes, want to increase ticket lifetime.
> >
> > As mentio
Hello All,
Version: IPAv4.4
OS: RHEL 7.3
Having a python import issue during ipa-server-install here, and the internets
are failing me. Please note that the urls and server names have been
abstracted. During the install run, I get the following:
Forwarding 'schema' to json server 'ht
Hello all.
We use CentOS 7 ,FreeIPA 4.4, Apache 2.4
We installed audit system like http://www.freeipa.org/page/Centralized_Logging
for monitoring "Who's What's Doing".
Audit system parsing /var/log/httpd/error_log and logging to Elasticsearch.
Some string for Remove user from group in FreeIP
On 02/16/2017 01:32 PM, Tiemen Ruiten wrote:
Hello,
I have a FreeIPA setup in which some masters suffered from a few
uncontrolled shutdowns and now there are replication conflicts (which
prevent from setting the Domain Level to 1).
I was trying to follow the instructions here:
https://acce
Morning David,
Thank you very much for your help.
> first you're mentioning "key expiry" but if I understand correctly you're
> interested in "ticket lifetime".
Yes, want to increase ticket lifetime.
>
> As mentioned here [1] the ticket lifetime is the minimum of 4 values:
> 1) maxlife for the us
Hello,
I have a FreeIPA setup in which some masters suffered from a few
uncontrolled shutdowns and now there are replication conflicts (which
prevent from setting the Domain Level to 1).
I was trying to follow the instructions here:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise
On 02/15/2017 05:40 PM, Matt . wrote:
Hi,
Is there any update on this ? I need to install 3 other instances but
I would like to know upfront if it might be a bug.
Hi Matt,
I was not able to reproduce your issue. Here were my steps:
Install FreeIPA with self-signed cert:
ipa-server-install -n
On 15.02.2017 23:11, Jason B. Nance wrote:
Hello All,
I have managed to lose the Directory Manager password for my FreeIPA 4.4.0
instance. I've found the following documentation:
http://directory.fedoraproject.org/docs/389ds/howto/howto-resetdirmgrpassword.html
And:
http://www.
24 matches
Mail list logo