Hi,
I need to add several Solaris 11 servers as clients to a Freeipa server and
wonder if there is anyone that have done so successfully?
The guide in freeipa documentation mentions Solaris 9 and 10 but nothing on
Solaris 11.
I have tried with the guide for Solaris 11 but do not get it to work
Hi,
When trying to generate a host and nfs principal + keys from the Oracle ZFS
7120/7320 Appliance i get the following error message (note that the
information pasted are from a simulator but i get exactly the same error from
our real Appliances).
I can't generate a key on the IPA server and
/Free IPA.
On 12/18/2012 06:24 AM, Johan Petersson wrote:
Hi,
Unfortunately i still get the same error from the Appliance even after having
added both host and nfs principals in the IPA web interface.
failed to create principal 'host/zfs1.home@HOME': libkadm5clnt error:
43787522 (Operation
, December 18, 2012 17:50
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
On 12/18/2012 04:06 AM, Sigbjorn Lie wrote:
On Tue, December 18, 2012 08:28, Johan Petersson wrote:
Hi,
We are implementing IPA Server and are gong to need to be able
pam.conf file?
Is this Solaris 11 or Solaris 11.1?
Regards,
Siggi
On Thu, December 20, 2012 09:40, Johan Petersson wrote:
I have now managed to use a Solaris 11 system as a client to IPA Server.
su - testuser works ssh works and console login works. I get a delay before
getting the prompt
a auto.home map in IPA Server to set the homedirectory automounts
right.
And i almost forgot my Solaris version is 11 11/11.
Regards,
Johan.
From: Sigbjorn Lie [sigbj...@nixtra.com]
Sent: Thursday, December 20, 2012 15:20
To: Johan Petersson
Cc: freeipa-users
] on
behalf of Johan Petersson [johan.peters...@sscspace.com]
Sent: Thursday, December 20, 2012 19:03
To: Sigbjorn Lie
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
Hi,
Thank you for the tip about NFSMAPID_DOMAIN
It was not set properly.
sharectl
...@redhat.com]
Sent: Friday, December 21, 2012 23:39
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
On 12/20/2012 07:13 PM, Johan Petersson wrote:
Hi,
Was your example of a new DUAProfile ever added to Fedora or RHEL?
If so i can't find any
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Johan Petersson [johan.peters...@sscspace.com]
Sent: Saturday, December 22, 2012 13:14
To: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
Hi
Lie [sigbj...@nixtra.com]
Sent: Thursday, December 20, 2012 15:20
To: Johan Petersson
Cc: freeipa-users@redhat.com
Subject: RE: [Freeipa-users] Does Solaris 11 work as client to IPA server?
Thanks.
I'm guessing it's taking such a long time because it's looking trough the
entire LDAP server
17:10
To: Johan Petersson
Cc: freeipa-users@redhat.com
Subject: RE: [Freeipa-users] Does Solaris 11 work as client to IPA server?
What is the name of the other maps besides auto.master? You should use _
instead of . for any additional maps when you need Solaris autofs
compatibility. This also need
18:56
To: Johan Petersson
Cc: freeipa-users@redhat.com
Subject: RE: [Freeipa-users] Does Solaris 11 work as client to IPA server?
Cool. :)
What do you see if you turn on pam debugging by touching /etc/pam_debug and
enabling debug logging in the syslog daemon?
Rgds
Siggi
Johan Petersson
is same machine, just typo from me
when editing the log for publishing.
Regards,
Johan
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Johan Petersson [johan.peters...@sscspace.com]
Sent: Friday, December 28, 2012 13:40
:
sharectl get nfs
Regards,
Johan.
From: Dmitri Pal [d...@redhat.com]
Sent: Tuesday, December 25, 2012 16:52
To: Johan Petersson
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
On 12/24/2012 05:27 PM
Hi,
I have a IPA server, NFS4 Server sharing home directories with autofs and krb5p
as only valid authentication.
Mail Postfix/Dovecot both with startTLS and GSSAPI.
All servers and clients are Red Hat 6.3 and updated with latest kernel and
everything else.
If i start and log in locally as
...@redhat.com]
Sent: Tuesday, February 26, 2013 20:30
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA,NFS4,krb5p Ticket expired error
On 02/26/2013 02:03 PM, Johan Petersson wrote:
Hi,
I have a IPA server, NFS4 Server sharing home directories with autofs and krb5p
as only valid authentication
-users-boun...@redhat.com] on
behalf of Johan Petersson [johan.peters...@sscspace.com]
Sent: Wednesday, February 27, 2013 14:15
To: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA,NFS4,krb5p Ticket expired error
I think you are right, ssh always works to the nfs server and i
A typo from me, it is 192.168.1/24 in exports.
Regards
Johan
__
From: Rob Townley [rob.town...@gmail.com]
Sent: Wednesday, February 27, 2013 18:12
To: Johan Petersson
Cc: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA,NFS4,krb5p
, February 27, 2013 21:10
To: Johan Petersson
Cc: rob.town...@gmail.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA,NFS4,krb5p Ticket expired error
Johan Petersson wrote:
A typo from me, it is 192.168.1/24 in exports.
Do you have forwardable tickets?
$ klist -f
It should have F
Hi,
I have a IPA test network based on Red Hat 6.4 Servers and Clients where home
directories are shared through NFS4 with krb5p.
Autofs is handled by SSSD and everything works great except when the user do
not logout and just lock the pc before a weekend or at least longer than a day.
In this
Hi,
I am getting error: state manager failed on NFSv4 server * with error 10016
in my new IPA test environment using krb5 and autofs.
The message keeps popping up when i try logging in with a IPA user.
Home Directory is on a NFSv4 Server using iSCSI and Multipathd for storage.
I can log in
Hi,
In my test environment i am planning to add a AD to my current IPA
configuration and i would like my IPA users to be able to log in through
windows to the AD and still have their IPA shared home directory.
IPA is Red Hat 6.5 and AD is Windows 2012 Server.
Home Directories are currently
One solution that i have tested myself is to have IPA and AD sync with Samba as
a server in a 2012 R2 Server AD.
For shared directories used both by Windows and Linux clients like Home i used
NFS 4 with Kerberos for Linux and Samba ADS for Windows.
Same user could log in from both Windows and
smbpasswd
but this is also failing, not sure if its a IPA interference issue or something
else...
regards
Steven J
From: Johan Petersson johan.peters...@sscspace.com
Sent: Tuesday, 18 February 2014 8:18 p.m.
To: Steven Jones; freeipa-users@redhat.com; d
Hi,
I have a working sync configuration between Windows 2012 Server and IPA on RHEL
6.5 and have not seen any problems at all. Sync works great and Windows 2012
works perfect together with Samba for file sharing as well.
My suggestion is to set up a test environment that are as close as
Hi,
I found this thread from a year ago about Samba File Sharing in a IPA and AD
trust setup and wonder if anything have changed regarding this kind of setup or
is it still uncharted territory?
https://www.redhat.com/archives/freeipa-users/2013-April/msg00248.html
I wonder since i am
Hi,
Environment:
RHEL 7 IPA Server 3.3 with a trust to a Windows 2012 Server AD
RHEL 7 NFS Server
RHEL 7 Client
I have found one problem when using a NFS 4 shared Home Directory for AD users
logging in to IPA.
I have created a NFS share /home/adexample.org and use autofs map in IPA.
All wbinfo
...@redhat.com] On Behalf Of Dmitri Pal
Sent: Tuesday, June 03, 2014 6:48 PM
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA+AD trust and NFS nobody issue
On 06/03/2014 09:07 AM, Johan Petersson wrote:
Hi,
Environment:
RHEL 7 IPA Server 3.3 with a trust to a Windows 2012 Server AD
RHEL 7
I found one clue to the issue and as i thought it has to do with m
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Johan Petersson
Sent: Wednesday, June 04, 2014 12:02 PM
To: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA
,'
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Johan Petersson
Sent: Wednesday, June 04, 2014 12:02 PM
To: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA+AD trust and NFS nobody issue
Yes Client is default RHEL 7 and both
.
-Original Message-
From: Alexander Bokovoy [mailto:aboko...@redhat.com]
Sent: Wednesday, June 04, 2014 3:14 PM
To: Johan Petersson
Cc: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA+AD trust and NFS nobody issue
On Wed, 04 Jun 2014, Johan Petersson wrote:
Mail
Hi,
Probably there are better ways to solve this issue but the way that works for
me is to validate the trust from the AD side after a reboot of the IPA Server -
it always shows as offline for me too. On 2012 Server you can do this through
Active Directory Domains and Trusts - properties on
I do not know what OS you are using but if it is RHEL 6 or CentOS 6 you would
need to do the following:
In /etc/idmapd.conf:
Domain = your.domain
Add this to /etc/sysconfig/nfs
SECURE_NFS=yes
In /etc/exports:
/home/repo *(rw,sync,sec=krb5p)
Make sure that you use NTP for every
Hi,
I have earlier posted a guide on how to set up Solaris 11 and 11.1 as a client
to IPA with NFS 4 with Kerberos and autofs on freeipa-users and the difference
for Solaris 10 should be minor adjustments.
I will add that guide to the Freeipa-wiki during this weekend and if you can
not find
Hi,
When i was evaluating the configuration of the central logging proof of concept
docker image described here: https://www.freeipa.org/page/Centralized_Logging i
noticed that the rsyslog mmnormalization rules did not work properly and failed
to parse keywords. Elasticsearch indexes does not
35 matches
Mail list logo