Hello Team,
We are hosting a few servers at Amazon and using their Elastic Load Balancing
service that gives us a link to a load balancer in the following format:
webserver-1234567890.us-east-1.elb.amazonaws.com
I was looking for a ways to implement a shorter alias using CNAME like:
I did notice the same behavior.
This is my setup:
[root@ipa-idm]# yum list installed ipa-*
Installed Packages
ipa-admintools.x86_64
4.1.0-18.el7_1.3
Hi Martin,
Thank you for a catch! I just noticed that I was missing the dot you mentioned!
Regards,
Andrey
From: Martin Basti mba...@redhat.commailto:mba...@redhat.com
Date: Thursday, May 7, 2015 at 2:37 AM
To: Andrey Ptashnik aptash...@cccis.commailto:aptash...@cccis.com,
freeipa-users
Hello Team,
We have RHEL 7.1 and IPA server 4.1.0 in our environment as well as stack of
Oracle software that require existence of local passwordless users like
weblogic and oracle.
Users log in to servers via domain accounts at IPA server.
I’m trying to configure Sudo policy in IPA server
entry `NOPASSWD:'
Last login: Tue May 12 15:00:31 CDT 2015 on pts/1
Last failed login: Wed May 13 10:46:52 CDT 2015 on pts/0
There were 7 failed login attempts since the last successful login.
[oracle@webserver ~]$
Regards,
Andrey Ptashnik
From: Gould, Joshua joshua.go
Hello,
I’m wondering if establishing two way trust or one way trust in upcoming 4.2
release somehow is going to affect FreeIPA feature set, like ability to add
windows groups to external groups or anything else I may not think of right now?
Our Windows security team is expressing concerns
Hello Team,
I know that FreeIPA server supports management of public keys for each user and
it is a very convenient feature.
Are there any possible way to manage private keys as well including features
like re-issuing the key pair if it gets compromised?
Regards,
Andrey
--
Manage your
It looks like Vault is the functionality I was looking for.
Thank you Rob and Dmitri for your responses.
Regards,
Andrey
On 4/8/15, 5:59 PM, Rob Crittenden rcrit...@redhat.com wrote:
Andrey Ptashnik wrote:
Hello Team,
I know that FreeIPA server supports management of public keys
. We wanted to rebuild the
Master node.
What are the correct steps to move master functions to the replica, retire the
old master and rebuild it?
Regards,
Andrey Ptashnik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go
Hello IPA team,
I’m wondering if there is any compatibility that can be established with legacy
RHEL CentOS 5.5 machines. Is there any easy way to setup minimal feature set
like central authentication and maybe something else?
Regards,
Andrey Ptashnik
--
Manage your subscription
Thank you, Rob and Martin!
I was under impression that that v.5 was not supported at all, because "yum
search ipa” did not return any search results in main or EPEL repository.
Andrey Ptashnik
On 11/16/15, 3:24 AM, "Martin Kosek" <mko...@redhat.com> wrote:
>On
-upgradeconfig
But I have a feeling that there might be some prerequisites that is a common
knowledge that was not mentioned and I’m not aware of… Are there any steps that
needs to be completed before I execute above commands?
Regards,
Andrey Ptashnik
--
Manage your subscription for the Freeipa-users
Also I don’t see IPA server 4.2.1 in RHEL repository, is it already available?
[root@sever]# yum list ipa-server
ipa-server.x86_64 4.1.0-18.el7_1.4 @rhui-REGION-rhel-server-releases
[root@server]#
Regards,
Andrey Ptashnik
From:
<freeipa-users-boun...@redhat.com<mailto:freeipa
I see that RHEL 7.2 relase date is still “TBA”. Are there any plans to make
newer versions of IPA sever sooner than RHEL 7.2?
Regards,
Andrey Ptashnik
On 10/12/15, 1:26 PM, "Alexander Bokovoy" <aboko...@redhat.com> wrote:
>On Mon, 12 Oct 2015, Andrey Ptashnik wrote:
I we have a production environment, is it a safe move to upgrade to 7.2 Beta?
And then still question remains what are correct steps to go from 4.1.0 to
4.2.0?
Regards,
Andrey Ptashnik
On 10/12/15, 1:44 PM, "Rob Crittenden" <rcrit...@redhat.com> wrote:
>Andrey Ptashn
I see, so your best advice is to wait for official release of 7.2 and upgrade
all at once even if I need just a few simple fixes like “search for non-admin
users” and etc…?
Are there any approximate timeline for 7.2 release?
Regards,
Andrey Ptashnik
On 10/12/15, 2:10 PM, "Alex
I usually try not to. On the other side I see that many important fixes are
coming with major/minor releases, and trying to figure out my course of actions
until fixes and/or release become available.
Regards,
Andrey Ptashnik
On 10/12/15, 7:46 PM, "freeipa-users-boun...@redha
some functionality is missing from
client package 3 vs 4, like automatic update of both forward and reverse DNS
records.
Is it possible to install IPA client v. 4 on Red Hat 5 and 6 without much
breaking dependencies in OS?
Regards,
Andrey Ptashnik | Network Architect
CCC Information Services Inc
/openldap/ldap.conf
NTP enabled
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Client configuration complete.
Regards,
Andrey Ptashnik
On 9/16/15, 8:43 AM, "Alexander Bokovoy" <aboko...@redhat.com> wrote:
>On Wed, 16 Sep 2015, Andrey Ptashnik wrote:
>>De
Any ideas on that?
Regards,
Andrey Ptashnik | Network Architect
CCC Information Services Inc.
222 Merchandise Mart Plaza, Suite 900 Chicago, IL 60654
Office: +1-312-229-2533 | Cell : +1-773-315-0200 | aptash...@cccis.com
On 9/16/15, 11:30 AM, "freeipa-users-boun...@redhat.com on b
.in-addr.arpa. --allow-sync-ptr=TRUE
--dynamic-update=TRUE
Ultimately I think bringing all nodes to SSSD 1.12.4 version solved the problem.
Thank you, IPA team, for your support!
Regards,
Andrey Ptashnik
On 9/17/15, 10:32 AM, "Rob Crittenden" <rcrit...@redhat.com> wrote:
>An
ecord not found” error message.
Are there any ways to forcefully delete such stalled records or find out the
root cause of this error message?
Regards,
Andrey Ptashnik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to ht
dNSTTL: 1200
objectClass: idnsRecord
objectClass: top
Number of entries returned 1
[root@ipa-idm]#
Regards,
Andrey Ptashnik
From: Martin Basti <mba...@redhat.com<mailto:mba...@redhat.com>>
Date: Monday, December 7, 2015
Martin,
For my education, how did you identify that from my output?
Regards,
Andrey Ptashnik
From: Martin Basti <mba...@redhat.com<mailto:mba...@redhat.com>>
Date: Monday, December 7, 2015 at 1:24 PM
To: Andrey Ptashnik <aptash...@cccis.com<mailto:aptash...@cccis.com&
– is a perfect
example).
Regards,
Andrey Ptashnik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
– is a perfect
example).
Regards,
Andrey Ptashnik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
etely. Additionally if I can
expect the same behavior on client versions lower than CentOS/RHEL 7.1 + IPA 4.1
Regards,
Andrey Ptashnik
On 12/14/15, 4:21 AM, "Alexander Bokovoy" <aboko...@redhat.com> wrote:
>On Fri, 11 Dec 2015, Andrey Ptashnik wrote:
>>Hello T
Team,
Is it possible to setup read only replica for use in DMZ for example?
Regards,
Andrey
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Hello IPA team,
Is there a way to implement IPA to IPA trust between different domains?
We are thinking of using more than one domain, however we will need users to
cross login from one domain to another.
Regards,
Andrey
--
Manage your subscription for the Freeipa-users mailing list:
Hi IPA team,
Can I use the same FreeIPA server to be a domain controller for more than one
domain?
Regards,
Andrey Ptashnik
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info
Hello FreeIPA team,
Our FreeIPA server cluster is at version 4.2.0 and expecting Ubuntu 16 machines
with FreeIPA client software 4.3.1 soon to join our IPA domain. Are there any
compatibility issues that we may encounter?
Regards,
Andrey
--
Manage your subscription for the Freeipa-users
Hello FreeIPA team,
Our FreeIPA server cluster is at version 4.2.0 and expecting Ubuntu 16 machines
with FreeIPA client software 4.3.1 soon to join our IPA domain. Are there any
compatibility issues that we may encounter?
Regards,
Andrey
--
Manage your subscription for the Freeipa-users
Hello,
We have Centos 7.2 and IPA 4.2 version.
I remember that in previous versions in order to upgrade to the latest one I
had to run IPA upgrade scripts that would separately upgrade LDAP database. Is
that the same procedure if I need to upgrade from version 4.2?
Regards,
Andrey
--
Manage
lan Musicman <data...@gmail.com<mailto:data...@gmail.com>>, Andrey
Ptashnik <aptash...@cccis.com<mailto:aptash...@cccis.com>>
Cc: "freeipa-users@redhat.com<mailto:freeipa-users@redhat.com>"
<freeipa-users@redhat.com<mailto:freeipa-users@redhat.com>&g
34 matches
Mail list logo