_
Freeipa-users mailing list
Freeipa-users@redhat.com <mailto:Freeipa-users@redhat.com>
https://www.redhat.com/mailman/listinfo/freeipa-users
___
Freeipa-users mailing list
Freeipa-users@redhat
s=0 etime=0
[26/May/2014:09:09:03 -0400] conn=183751 op=5 UNBIND
[26/May/2014:09:09:03 -0400] conn=183751 op=5 fd=111 closed = U1
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
On 05/27/2014 09:44 AM, Bret Wortman wrote:
I just checked to be sure, and we do already put all the IPA servers
in our client host tables just to be sure they can be reached even if
DNS goes down.
Sorry, I am running out of ideas.
On 05/27/2014 09:20 AM, Dmitri Pal wrote:
On 05/27/2014
llersville, PA 17551
E-mail: david.fitzger...@millersville.edu
PH: 717-871-2394
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM po
the password needs to be
changed for him after migration. Since you have winbind in the stack
still it kicks in and tries. Authentication seems to work because it is
just Kerberos but the authorization fails so user can't log in.
User foo was properly created so he can authenticate.
I suspect that migration was not properly completed. Please check
documentation about migration.
Thanks
Scott A
--
Scott Allen
Head of IT
The Embassy Visual Effects Inc.
4th Floor - 177 W 7th Avenue
Vancouver, B.C.
V5Y 1L8
604.696.6862 ext 241
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
s in trust relations and would know how to deal with tickets coming
from AD side.
This is why there are two arrows. They show communication.
Thanks very much.
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo
On 05/30/2014 08:23 PM, tizo wrote:
On Fri, May 30, 2014 at 6:40 PM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 05/30/2014 05:00 PM, tizo wrote:
From: Alexander Bokovoy
To: Sumit Bose
Cc: freeipa-users redhat com
Subject: Re: [Freeipa-use
it or any information in it. Please notify the above if
any misdirection./
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Re
ert = /etc/ipa/ca.crt
autofs_provider = ipa
ipa_automount_location = default
subdomains_provider = ipa
[sssd]
services = nss, pam, autofs, ssh
config_file_version = 2
domains = linux.home
[nss]
[pam]
[sudo]
[autofs]
[ssh]
[pac]
From:
freeipa-users-boun...@redhat.com<mailto:freeipa-users-
eed to configure a radius server to which PIN+Code
will be sent for verification.
This is the project page: http://www.freeipa.org/page/V3/OTP
Simo.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
___
Freeipa-users m
hes to fry and cats to skin.
Stay tuned.
Bryce
*From:*freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] *On Behalf Of *Dmitri Pal
*Sent:* Wednesday, May 14, 2014 4:13 PM
*To:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] External collaboration edits
On 04/
rs mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.c
list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
No. IPA passwords are not reversible by design.
In general it is a very bad security practice to make password reversible.
Password reset is the way to go.
--
Thank you,
Dmitri Pal
Sr. Engineering Manage
k you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Consortium board
of directors and it gave me goose bumps.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
what
the problem is.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
thentication happens against AD but everything else is going
through IPA. I do not feel like recommending this.
any more info on this? (how hackish is it? and what is meant with
"client configuration"?)
thanks for the input!
stijn
Simo.
--
Thank you,
Dmitri Pal
Sr. Enginee
itories with necessary packages
for epel7. Any help from community members is welcomed.
LS
We will put in into Fedora and have a copr build for RHEL7. It would not
be an EPEL since that would be against the EPEL policies.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
will be crickets :-)
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
anies please visit our
website at virginmoney.com
Soon after the person in charge returns from vacation :-)
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/fr
learn from this?
Was it a misconfiguration or something else?
Could we have done something better to avoid situations like this?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.
/msg00028.html
- Jitse
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
doubt this has been done but the long term
plan is to make it possible.
By trying and reporting issues you would help us to make it possible sooner.
If you are interested we can drill down into more details.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage
I can successful do an ipa-user-add foo?
What version of ipa are you using? What version of 389?
rpm -qa|grep ipa
rpm -qa|grep 389
Can you provide excerpts from your 389 errors log
/var/log/dirsrv/slapd-DOMAIN/errors from around the time of the
problems
mentioned above?
Was this ever figured
hat I have planned but not yet accomplished)?
Thanks for your help.
[1] http://techslaves.org/2011/08/24/freeipa-and-samba-3-integration/
Mit freundlichen Gruessen/With best regards,
--Daniel.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage
).
For further details of Virgin Money group companies please visit our website at
virginmoney.com
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
On 07/18/2014 09:23 AM, Martin Kosek wrote:
On 07/18/2014 03:12 PM, Dmitri Pal wrote:
On 07/18/2014 08:17 AM, Innes, Duncan wrote:
Hi Petr,
On 18/07/2014 11:24, Petr Vobornik wrote:
Hello Duncan,
thank you for the input. If you or somebody else have any Web UI
ideas/RFEs, feel free to
accounts,dc=example,dc=com
rob
Should we turn it into HOWTO?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
HOWTO page then?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
dvice. Anything I
should watch out for in IPA? I know that's vague, but I'm just
seeking general advice.
Thanks,
--Jason
I do not see any replies.
How did it go?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeip
eeded information already.
Should we turn it into a HOWTO page then?
Yes, I would appreciate that.
Any volunteers?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/lis
tion it contains may violate the law and
subject the violator to civil or criminal penalties. If you believe you have
received this message in error, please notify the sender and delete the email
immediately.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Mana
ase notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.c
On 07/21/2014 10:15 AM, dbisc...@hrz.uni-kassel.de wrote:
Dmitri,
thanks for your answer.
On Wed, 16 Jul 2014, Dmitri Pal wrote:
On 07/16/2014 07:16 AM, dbisc...@hrz.uni-kassel.de wrote:
I have IPA running on a CentOS 6 server. This server also acts as
NFS- and Samba server. My Linux
have these RFEs and they are in plans.
They have not been implemented because it required a lot of the upstream
Kerberos standards work.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redha
ation_indicator
HTH
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
A to 'files' in nsswitch.conf. The main reason I want to duplicate
the local UID/GID's in IPA is to retain file permissions.
Josh
I want to add that IPA is working on the concept of views. This means
that once it is implemented you would be able to have UID/GID in IPA and
users in AD.
2014 03:46 PM, Chris Whittle wrote:
> http://www.freeipa.org/page/HowTo/Integrate_With_Okta
>
>
> On Sat, Aug 9, 2014 at 11:31 PM, Dmitri Pal mailto:d...@redhat.com>> wrote:
>
>> On 08/08/2014 04:26 PM, Chris Whittle wrote:
>>
>> Hey
On 08/11/2014 09:29 PM, dbisc...@hrz.uni-kassel.de wrote:
Hi,
On Sun, 10 Aug 2014, Dmitri Pal wrote:
On 07/21/2014 10:15 AM, dbisc...@hrz.uni-kassel.de wrote:
On Wed, 16 Jul 2014, Dmitri Pal wrote:
On 07/16/2014 07:16 AM, dbisc...@hrz.uni-kassel.de wrote:
I have IPA running on a CentOS 6
. That;s the beauty
of Free Software!
Good luck! HTH,
James
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
de the FW and in DMZ/remote are really same
users?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
fter
that you can use different tools to process it: logstash, splunk, etc.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.or
quiet use_uid
session required pam_unix.so
session require pam_sss.so
--
how to solve this problem?
thanks
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription f
on RHEL.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
On 08/20/2014 04:29 PM, alireza baghery wrote:
yes right. ipa trust relation with AD and subdomain AD. yes gde
produce log
It seems that you have some custom polkit policy that fails to load. Did
you play with some polkit policies?
On Wed, Aug 20, 2014 at 5:27 PM, Dmitri Pal <mailt
h makes the backport that much more
difficult.
rob
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
an use yum search too.
Eg: 'yum search freeipa' to find it.
Cheers,
James
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> G
the client. And then there are issues with the
password change if you use OTPs managed by IPA (but not external ones).
But other than that 1.11 SSSD on top of F20+ and RHEL/CentOS 7 should work.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your
ng to do
I then tried
[root@xavier yum.repos.d]# yum install ipa-server
and just got the 3.3 stuff...
I'm so close, I can taste it
Thanks for all your help
On Sat, Aug 23, 2014 at 8:23 AM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 08/23/2014 02:22 PM, Chri
losely, the "epel-7" repo is actually empty. There
are no packages there.
So there are no packages to actually install. Only the "fedora"
repos in that same tree have packages.
~K
On 8/23/14 12:29 PM, Dmitri Pal wrote:
On 08/23/2014 08:33 PM, Chris Whi
polished in all distros.
~K
On 8/23/14 12:51 PM, Dmitri Pal wrote:
On 08/23/2014 09:46 PM, Chris Whittle wrote:
Thanks Kat, so what do I need to do? I have a brand new Centos 7
Server and I am itchy to install FreeIPA 4...
I suspect there are only two options:
1. Wait for project
ug 23, 2014 at 3:48 PM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 08/23/2014 10:32 PM, Kat wrote:
I am working on the same thing - specifically I have found the
libnl dependencies to be the biggest headache. If I get anywhere
over the weekend, I will let you all know
but I am not sure it made its way into all distros yet.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info
<mailto:yago...@gmail.com>>
> <mailto:yago...@gmail.com <mailto:yago...@gmail.com>
<mailto:yago...@gmail.com <mailto:yago...@gmail.com>>>
> >
> >
> >
>
>
>
an do only basic proxy setup which can be done with
a DS server and PAM proxy plugin - a non goal for IPA.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
On 08/28/2014 04:56 PM, Chris Whittle wrote:
We are going to use a SSO provider like OneLogin to enforce a password
policy how can we disable FreeIPA from doing it also?
I do not think you can.
You can make IPA policy less restrictive then it would just not apply.
--
Thank you,
Dmitri Pal
one for changing your own password and
another for resetting other users password.
2) Are there more differences in policies between the first (primary)
admin and the second admin you just created?
Kind regards,
Zip
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
gs of your login try.
Also sssd.conf and pam.conf as well as ssh configuration would be helpful.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
another non IPA DNS server to be a slave then you can do it.
See http://www.freeipa.org/page/V3/DNS_SOA_serial_auto-incrementation
for more information.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list
will take some time to materialize.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
picture you need to aggregate
logs from different systems and process them. There are good open source
solutions like Logstash or commertial like Splunk to process logs centrally.
HTH
Thanks
Dmitri
On Mon, Sep 1, 2014 at 11:12 AM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 09/01/2014 12:05 PM, Martin Kosek wrote:
On 09/01/2014 07:50 AM, Dmitri Pal wrote:
On 08/29/2014 09:32 PM, Matthew Sellers wrote:
Hi Everyone!
I am using FreeIPA 3.3.5 on Fedora 20 and attempting to configure FreeIPA to
send notifies to non-IPA slaves, but it seems broken on IPA ( notify
sudo operations?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
ogging in?
I'm sorry for the noob questions but there isn't a lot of good
documentation on SlapNIS from first glance and I don't want to
spend 2 days figuring it out if it's not going to work.
As always extremely appreciated!
Whitt
On Tue, Sep 2, 2
sed in 4.0.
Stay tuned, the chivalry is on the way...
On Tue, Sep 2, 2014 at 3:06 PM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 09/02/2014 09:34 PM, Chris Whittle wrote:
Ok Dmitri, I got it added using what you sent and the following
links
https://git.fedoraho
and online downstream manuals on how to use
migrate-ds command.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more i
What is your goal?
IPA is the central store for the accounts it takes over the machine and
configures the client on the server. Other tools should not be used
after you install it.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription fo
t; dir only has empty "krb5.include.d".
I don't know if this failure is due to the fact that the setup didn't
run all the way and some configuration is missing or this is a
separate issue .
Are these bugs that need to be filled with bugzilla or am I doing
something i
helps me ?
Thanks for your help.
Which version of IPA?
There reason for the question is because in FreeIPA 4.0 the ACIs were
significantly reworked.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list
On Mon, Sep 8, 2014 at 5:50 PM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 09/08/2014 03:49 PM, Olga Kornievskaia wrote:
Can somebody help with the following problem(s) I’ve encountered
while trying to install the freeipa server?
Problem #1:
On fedora 20,
e received this message in error,
please notify the sender and delete the email immediately.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
od of time then we
should probably file a ticket and process it later.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more
civil or criminal
penalties. If you believe you have received this message in error,
please notify the sender and delete the email immediately.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https
On 09/09/2014 06:44 PM, Rob Crittenden wrote:
Kat wrote:
On 9/9/14 3:18 PM, Dmitri Pal wrote:
On 09/09/2014 12:55 PM, Rich Megginson wrote:
On 09/09/2014 10:41 AM, Kat wrote:
The problem I see is simple - not being able to add additional
replicas after the migration?
What I meant to say is
problem for the first replica or for any replica?
I mean that if you add any new replica after the migration (install
master and replica and then migrate then add another replica) you would
be able to reproduce the problem. Is this the case?
~K
On 9/9/14 4:32 PM, Dmitri Pal wrote
Well may be
rver (installed from yum repos)
Ideally you'd need to use RHEL 7 or CentOS 7 for trusts as IPA version
3.3 is more mature in this regard.
FYI
https://fedorahosted.org/freeipa/ticket/3266
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage
3thZf
PooMTTiiy7R6gZiZdvqjl0G4QmJvegjHjWySZZwIjPKZAeEb7fI8jEpLOSM54KQ6
sqSR7rg3TB0P91YAMqXo
=AscS
-END PGP SIGNATURE-
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for
1nUaTtAsPflYyJSudrFclLZFw4YaC4d5SoSnN+LDiOcmpz2AIfHlmwc2AMZW/c2G
nHcbSw0JNrfS1bHK6H9AO6q2LORWji8Usf3xTcZba+vC3eD/v0UPmISUW1kVWdKh
Jrc6QM2LipgK5KmpjTKa
=t75e
-END PGP SIGNATURE-
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for
.
But it is your responsibility to either rebuild the package with new
bitmap and support it in your deployment or change it to your image
after every update in your deployment.
Thanks,
Bill
On Wed Sep 10 16:42:29 2014, Dmitri Pal wrote:
On 09/10/2014 06:52 PM, William Graboyes wrote
multi step manual procedure. This is why we developed
the tool.
But you should be all set for now. You would not need to change anything
for several years.
Thanks
Dmitri
Thanks,
Bill
On Wed Sep 10 16:49:24 2014, Dmitri Pal wrote:
On 09/10/2014 07:26 PM, William Graboyes wrote:
-BEGIN PGP
1Y
-END PGP SIGNATURE-
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
to
continue operations. But Kerberos is needed for the first connection. It
is a requirement because it is a best practice.
Thanks,
tamas
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https
it via the simplex "index" names. Is that
currently possible (esp given that the cnames are actualy in a
different DNS domain)?
Thanks,
-M
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing li
On 09/12/2014 12:13 AM, barry...@gmail.com wrote:
Hi:
i set max life no expiry already but still pomt reset password every 3
month
any idea to disable it ??? what happening
Regards
Where/how did you set it and what version do you run?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager
On 09/12/2014 07:13 AM, Dmitri Pal wrote:
On 09/12/2014 12:13 AM, barry...@gmail.com wrote:
Hi:
i set max life no expiry already but still pomt reset password every
3 month
any idea to disable it ??? what happening
Regards
Where/how did you set it and what version do you run?
AFAIR
On 09/12/2014 09:36 AM, Tamas Papp wrote:
On 09/12/2014 02:47 PM, Martin Kosek wrote:
On 09/11/2014 02:06 AM, Dmitri Pal wrote:
On 09/10/2014 07:10 PM, Tamas Papp wrote:
hi All,
Is there an offficial API documentation available?
Unfortunately not much. You can search archives and find
y allows me to create
service prinicpals for existing hosts)
Any help or pointers would be greatly appreciated
-M
On Fri, Sep 12, 2014 at 4:12 AM, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 09/11/2014 09:25 PM, Michael Lasevich wrote:
If I remember correctly, you could not us
les.
As for RBAC what do you mean?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
ur subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-us
On 09/14/2014 03:42 AM, Gregor Bregenzer wrote:
2014-09-14 1:14 GMT+02:00 Dmitri Pal :
On 09/13/2014 05:27 PM, Gregor Bregenzer wrote:
Hi!
There are two ways that you can use to integrate FreeIPA with AD: a.)
trust b.) synchronization Here are the pros/cons for both of them:
http
g documentation but
here is the project page for reference:
https://fedorahosted.org/gss-proxy/
Simo.
Also opened https://fedorahosted.org/freeipa/ticket/4544
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
over past seven years is tremendous.
http://technet.microsoft.com/en-us/library/cc773178%28v=ws.10%29.aspx
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-u
this
list archives and wiki on how to do it.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
software on the Windows domain controllers to
copy user passwords to an untrusted entity?
- Greg
Bravo!
This deserves a wiki page, blog and a keynote at a couple conferences.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
copying
or disseminating it or any information in it. Please notify the above if any
misdirection.
There are also couple resources on the wiki:
http://www.freeipa.org/page/HowTos
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription
,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
allow clusters that have to share the same
key but it might be applicable to your use case too.
Thanks
Dmitri
On 18 September 2014 23:04, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 09/18/2014 10:12 AM, Walid A. Shaari wrote:
Hi,
we are going to have a use case of
rs without
passwords in a script.
You can set a random password, send it to account owner in a script and
make account owners to change passwords (default) on the first use.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-use
ser's ccaches, though that
may comport some minor risk and will force you to run gss-proxy as
root.
HTH,
Simo.
--
Simo Sorce * Red Hat, Inc * New York
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing l
On 09/23/2014 03:55 PM, Walid wrote:
Yes Dmitri these two hints would definitely help, the servers are not
4.x yet though.
The first one is available in FreeIPA 3.3 which ships with RHEL7.
On 19 September 2014 23:14, Dmitri Pal <mailto:d...@redhat.com>> wrote:
On 09/19/2014
401 - 500 of 1617 matches
Mail list logo
