Hi All,
I'm using FreeIPA server VERSION: 4.4.0, API_VERSION: 2.213 and running on
CentOS 7 and have one replica server as well. I need to patch up centos system
as per PCI DSS compliance. Let me know whether I can proceed as usual or to
follow any sequential steps to achieve the task.
Thank you for pointing that out.
I should of course have been more specific: native aix sudo does not support
ldap and therefore sudorules from ldap, but it is possible
to install a different sudo version with ldap enabled.
Unfortunately, in our case, using external rpm's is not an option.
On ke, 17 touko 2017, Christopher Lamb wrote:
and I was feeling left out because I wasn't getting any spam, despite
other users reporting it.
Then I posted a new thread a few days ago, and within seconds I got several
spams, and did so for each post I made on that thread.
So I as far as I
to be more precise, a few minutes after I post, and a few seconds after I
get the mail with my post from freeipa-users
From: Christopher Lamb/Switzerland/IBM@IBMCH
To: "freeipa-users@redhat.com"
Date: 17/05/2017 06:26
Subject:Re: [Freeipa-users] Spam
and I was feeling left out because I wasn't getting any spam, despite
other users reporting it.
Then I posted a new thread a few days ago, and within seconds I got several
spams, and did so for each post I made on that thread.
So I as far as I can see something is picking up fresh posts,
Me too. I received a lot of spam messages from Amy Kristen.
ср, 17 мая 2017 г. в 3:16, Vinny Del Signore :
> Hi Andrew,
>
> I just sent my first mail today around 5:30pm EST and have already
> received five spam e-mails from "Amy Kristen". Three of these included nude
>
Hi Andrew,
I just sent my first mail today around 5:30pm EST and have already received
five spam e-mails from "Amy Kristen". Three of these included nude photos.
These are the two e-mail addresses used so far. Hoping this stops.
-Vin
Amy Kristen
Amy Kristen
Whats up with this wierd spam. This is the only list where I see this.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Hi Dan
> With a one-way trust from FreeIPA 4.4 to Active Directory on WinServ2012r2, I
> am
> trying to use FreeIPA LDAP for user authentication.
> Is that supposed to work?
In the way you have described it, no. AD users/groups will not be in the
FreeIPA LDAP. So attempting to authenticate a
On 17 May 2017 8:50:02 AM NZST, "Robert L. Harris"
wrote:
>I can, though that's what I did 2 days ago, fresh install from latest
>ISO.
>
>
>On Tue, May 16, 2017 at 2:40 PM Andrew Holway
>wrote:
>
>> I have a feeling that there is something
With a one-way trust from FreeIPA 4.4 to Active Directory on WinServ2012r2, I
am trying to use FreeIPA LDAP for user authentication.
Is that supposed to work?
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to
I can, though that's what I did 2 days ago, fresh install from latest ISO.
On Tue, May 16, 2017 at 2:40 PM Andrew Holway
wrote:
> I have a feeling that there is something broken with your image. Could you
> try installing Centos from ISO?
>
>
> On 16 May 2017 at
Andrey Dudin writes:
> I trying to use OTP auth in Freeipa but have some problems.
OTP (with RADIUS) works for me.
> I have user *test:*
>
> [root@ipa-centos]# ipa user-show test
...
Did you enable --user-auth-type=otp with "ipa config-mod"? I have:
[root@freeipa1
I have a feeling that there is something broken with your image. Could you
try installing Centos from ISO?
On 16 May 2017 at 22:37, Robert L. Harris wrote:
>
> I left SELinux enabled, no change, still streaming the same error:
>
> [Tue May 16 14:36:48.957848 2017]
I left SELinux enabled, no change, still streaming the same error:
[Tue May 16 14:36:48.957848 2017] [:error] [pid 10780] NSS_Initialize
failed. Certificate database: /etc/httpd/alias.
[Tue May 16 14:36:48.957883 2017] [:error] [pid 10780] SSL Library Error:
-8038 SEC_ERROR_NOT_INITIALIZED
[Tue
Yea, I would try installing IPA then making the changes that you want. I
think SELinux should be left enabled however. It makes admin super fun! :)
On 16 May 2017 at 21:57, Robert L. Harris wrote:
>
> I did disable selinux as it gave errors setting up my standard
I did disable selinux as it gave errors setting up my standard users, etc.
I can roll back the snapshot, set it at 4Gigs of RAM and re-enable selinux
and then try again.
On Tue, May 16, 2017 at 1:52 PM Andrew Holway
wrote:
> This is pretty weird. FreeIPA installation
This is pretty weird. FreeIPA installation normally works.
Has the operating system image been changed or optimised somehow? Perhaps
SELinux has been disabled? Have you tried installing Centos7 from the ISO?
On 16 May 2017 at 21:48, Robert L. Harris wrote:
>
>2
Hello all.
I trying to use OTP auth in Freeipa but have some problems.
I have user *test:*
[root@ipa-centos]# ipa user-show test
User login: test
First name: test
Last name: test
Home directory: /home/test
Login shell: /bin/sh
Principal name: t...@mydomain.com
Principal alias:
2 Gigs, it's a VM. The VM didn't report any memory issues ( no alarms
on VMWare )
On Tue, May 16, 2017 at 12:29 PM Andrew Holway
wrote:
> Hallo,
>
> How much memory do you have on the machine. I have a sneaking suspicion
> that you're running out.
>
> Ta,
>
>
Hallo,
How much memory do you have on the machine. I have a sneaking suspicion
that you're running out.
Ta,
Andrew
On 16 May 2017 at 17:16, Robert L. Harris wrote:
>
> Last night I rolled back my snapshot. Here's what I have after the yum
> install
>
> "minimal"
I've extended the UI for host addition by including a multivalued
widget which stores puppetVar values (as well as the accompanying
Python plugin to handle it and schema update in the directory). This
works well, but I'd like to add one more thing and am not sure how to
do it.
There are certain
Last night I rolled back my snapshot. Here's what I have after the yum
install
"minimal" install of Centos7 + basic build.
{0}:/var/log>cat /etc/*elease
CentOS Linux release 7.3.1611 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
Thanks, but I think I have a problem.
I have test user:
[root@ipa-centos]# ipa user-show test
User login: test
First name: test
Last name: test
Home directory: /home/test
Login shell: /bin/sh
Principal name: t...@mydomain.com
Principal alias: t...@mydomain.com
Email address:
As far as I found out, it is not possible to integrate sudo rules from IPA into
AIX. sudo on aix does not support that.
You will have to maintain /etc/sudoers by som other means.
Thats where you are mistaken. It is possible to integrate sudo rules into AIX,
I've done it and have documented it
On Tue, May 16, 2017 at 04:48:42PM +0300, Andrey Dudin wrote:
> Hello all.
>
> tell me please. Is it possible to use password and otp auth at the one
> moment?
>
> For example I have DEV/STAGE servers and want to be able use password auth
> for ssh, but for PROD servers I want to use OTP auth
Hi Folks,
Last week I deployed freeipa on a CentOS7 VM. The installation went
very smoothly using:
yum install ipa-server
and
ipa-server-install
My issue is with connecting a CentOS 7 client. On my client, I yum
installed ipa-client and ipa-admintools.
I than ran
Hello all.
tell me please. Is it possible to use password and otp auth at the one
moment?
For example I have DEV/STAGE servers and want to be able use password auth
for ssh, but for PROD servers I want to use OTP auth for same user.
--
Manage your subscription for the Freeipa-users mailing
On 05/15/17 16:44, Rob Crittenden wrote:
>
> I'm confused. You mention replacing some "externally signed certificate"
> and yet then ask switching to externally signed certificates. What is
> the current configuration? What is signing the existing server certs? Or
> do you have an external CA
On 2017-05-15 21:27, Jakub Hrozek wrote:
[...]
On Mon, May 15, 2017 at 03:54:22PM +0200, Ronald Wimmer wrote:
Hi,
I am confronted with a behaviour for which I do not have an explanation for.
I am using NFS4 Kerberos automounted homeshares and and recently I got a
permission denied
30 matches
Mail list logo