team at my place of work will want to know exactly what
the tool will do before they grant permission.
I have added this information to the AD trusts wiki page:
http://www.freeipa.org/page/IPAv3_AD_trust_setup#Add_trust_with_AD_domain
That link only gets me to an empty wiki page...
--
David
On lör, 2012-08-25 at 23:05 -0500, KodaK wrote:
I've just been informed by my boss's boss's boss that, and I quote
from his ridiculous email:
we cannot use anything other than MS AD for authentication
I've spent months of time and much effort rolling out IPA,
consolidating authentication
. Have a look at
http://freeipa.org/page/IPAv3_testing_AD_trust for some info on how this
can be tested.
--
David Juran
Sr. Consultant
Red Hat
+46-725-345801
signature.asc
Description: This is a digitally signed message part
___
Freeipa-users mailing
like it's describing a full two way
trust - in principal would a one way trust be feasible?
Allow the AD users (or a selection thereof) access to the systems part
of the IPA domain but not vice versa?
AFAIK, that is the only thing currently implemented.
--
David Juran
Sr. Consultant
Red Hat
+46
for the OOM-killer )-.
At this point you need to reboot the machine to recover but with some
luck, the syslog should contain some hints of where the memory went.
--
David Juran
Sr. Consultant
Red Hat
+46-725-345801
signature.asc
Description: This is a digitally signed message part
On fre, 2012-05-04 at 10:25 -0400, Simo Sorce wrote:
On Fri, 2012-05-04 at 16:04 +0200, David Juran wrote:
[04/May/2012:15:22:27 +0200] conn=8 fd=66 slot=66 connection from
local to /var/run/slapd-SRV-VOLVO-COM.socket
[04/May/2012:15:22:27 +0200] conn=8 op=0 BIND
dn=uid=kdc,cn
-13.el6.s390x
cyrus-sasl-gssapi-2.1.23-13.el6.s390x
--
David Juran
Sr. Consultant
Red Hat
+46-725-345801
signature.asc
Description: This is a digitally signed message part
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com
-stopper I'll get back to you, but
if schedule permits, I'd rather wait for the trust feature rather then
develop a new feature for this.
--
David Juran
Sr. Consultant
Red Hat
+46-725-345801
signature.asc
Description: This is a digitally signed message part
On Mon, 2011-11-21 at 11:55 -0500, Dmitri Pal wrote:
On 11/21/2011 11:48 AM, David Juran wrote:
Hello.
I have a customer who is using nisNetgroups in microsoft Active
Directory to keep track of which users are allowed to access which
services. I've understood that IPA today does
? Would that
allow us to use the nisNet groups in AD for HBAC and sudo?
--
David Juran
Sr. Consultant
Red Hat
+46-725-345801
signature.asc
Description: This is a digitally signed message part
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https
10 matches
Mail list logo