Thanks Martin, and I always forget I can man a conf file.
On Tuesday, November 8, 2016 12:09 PM, Martin Babinsky
<mbabi...@redhat.com> wrote:
On 11/08/2016 05:13 PM, Ask Stack wrote:
> I thought /etc/krb5.conf controls which kerberos server the clients talk
> to.
>
I thought /etc/krb5.conf controls which kerberos server the clients talk to.
As a test, I removed /etc/krb5.conf and rebooted the client. After reboot, I
can still log in and "kinit user" .
Removing /etc/krb5.keytab, however would stop user from logging in and sssd to
start.
--
Manage your
Thank you, Martin.
On Thursday, November 3, 2016 4:12 AM, Martin Basti <mba...@redhat.com>
wrote:
On 02.11.2016 20:07, Ask Stack wrote:
I need to migrate ipa server from host rhel6.local to host rhel7.local and
retire host rhel6.local .
For the existing c
I need to migrate ipa server from host rhel6.local to host rhel7.local and
retire host rhel6.local .
For the existing clients, do I need to change /etc/ipa/default.conf ? Do I even
need this file if sssd is working on the clients?Thanks.
The current default.conf has two lines pointing to
Thank you.
On Tuesday, May 24, 2016 9:56 AM, Rob Crittenden <rcrit...@redhat.com>
wrote:
Ask Stack wrote:
> Sorry for asking the dumb question again. Where are the 389-ds logs? I
> can't find them in /var/log/ .
/var/log/dirsrv/slapd-REALM
What you'll want to look for
Sorry for asking the dumb question again. Where are the 389-ds logs? I can't
find them in /var/log/ .
On Monday, May 23, 2016 5:10 PM, Rob Crittenden <rcrit...@redhat.com> wrote:
Ask Stack wrote:
> Rob
> Thanks for the reply.
> I didn't find anything obvious in /var/l
..@redhat.com> wrote:
Ask Stack wrote:
> My company's ipa-client-install fail very often. Debug logs show the
> process always failed at getting the /etc/krb5.keytab .
> Is there a way to modify the script to increase number of attempts to
> create /etc/krb5.keytab ?
>
> I notice
My company's ipa-client-install fail very often. Debug logs show the process
always failed at getting the /etc/krb5.keytab .
Is there a way to modify the script to increase number of attempts to create
/etc/krb5.keytab ?
I noticed "--kinit-attempts=KINIT_ATTEMPTS, number of attempts to obtain
de and ipa-client-install downloaded are identical.
On Friday, April 22, 2016 3:09 AM, Martin Babinsky <mbabi...@redhat.com>
wrote:
On 04/21/2016 11:14 PM, Ask Stack wrote:
> Half the time ipa-client-install will fail at getting the TGT. Google
> showed posts like, Bug 84569
Half the time ipa-client-install will fail at getting the TGT. Google showed
posts like, Bug 845691 – ipa-client-install Failed to obtain host TGT. I
reduced _kerberos-master._tcp' '_kerberos-master._udp' '_kerberos._tcp'
'_kerberos._udp' to one server entry only. But it didn't help to reduce
On 01/26/2012 08:54 AM, Adam Young wrote:
On 01/24/2012 09:11 PM, ~Stack~ wrote:
Crud. This looks like it could be difficult. I don't preserve anything
on those machines. At least not right now...
It is a boot strap issue. For a shared nothing boot like you are
doing, there needs
On 01/25/2012 05:18 PM, Sigbjorn Lie wrote:
On 01/25/2012 02:30 AM, ~Stack~ wrote:
2) How do I get dhcpd to update DNS?
Since I can't find the place to add rndc-keys to BIND, right now I have
to add every host manually in the web interface because dhcpd isn't
updating named. This is time
for this server.
...[snip]...
Unable to find 'admin' user with 'getent passwd admin'!
For PXEboot nodes that may/will end up with a fresh install, how do I
best configure them in IPA? Automatically would be best.
Thanks!
~Stack~
signature.asc
Description: OpenPGP digital signature
On 01/24/2012 07:46 PM, Simo Sorce wrote:
On Tue, 2012-01-24 at 19:30 -0600, ~Stack~ wrote:
[snip]
2) How do I get dhcpd to update DNS?
The first question is: why do you need DHCP to do that, why don't you
let clients securely do it ?
We do register a client in the DNS in ipa-client-install
services.
I will try this. Thank you for replying!
~Stack~
signature.asc
Description: OpenPGP digital signature
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
On 11/09/2011 09:18 PM, Christian Horn wrote:
On Wed, Nov 09, 2011 at 09:21:02PM -0600, ~Stack~ wrote:
Does anyone know what version of IPA will be in 6.2?
[snip]
Versions of ipa-server in some of the RHEL6.2beta releases were mentioned
on this list, i.e. here:
http://comments.gmane.org
in the beta section?
Thanks!
~Stack~
signature.asc
Description: OpenPGP digital signature
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
.
Thanks for the help Rob!
~Stack~
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
.
So whatever I have done, I have buggered it up pretty good. :-)
Since this is a self-compiled version from a hacked up spec file on a
non-fedora system there is no reason to pester you guys about this. I know
you are busy working on the next release. Thanks again for the help!
~Stack
. Note though that upstream
development of freeipa is done in Fedora, not RHEL.
I will keep that in mind and I will try to build from the source RPM. If
I have an issue I will post back here.
Thank you very much for your help!
~Stack~
___
Freeipa-users
will. If I
were to move this into my work environment I would just rather stick with
the official RPMS then build my own repo, but I can do it if that is what is
needed.
Not sure what the problem is with the client though. Any ideas?
Thanks!
~Stack
the system with these values? [no]: yes
Password for admin@BLARG.LOCAL:
kinit: Cannot resolve network address for KDC in realm BLARG.LOCAL while
getting initial credentials.
Hrmm.Stuck again. Any ideas?
Thanks!
~Stack~
___
Freeipa-users mailing
22 matches
Mail list logo