Hi
2017-01-17 15:53 GMT+01:00 Alexander Skwar
> As you can see, the RHEL system does have a "org.freeipa.server".
> The Xenial system does not.
>
> Any ideas, why that might be missing?
Timo Aaltonen has helped me to find the issue on the launchpad bug.
The oddjob service
Hello again already…
2017-01-17 15:24 GMT+01:00 Alexander Skwar
:
…
> [Tue Jan 17 16:06:05.825724 2017] [wsgi:error] [pid 21773:tid
> 139626190206720] ipa: INFO: [jsonserver_kerb] ad...@unix.ewadmin.ch:
> ping(version=u'2.164'): SUCCESS
> ERROR:dbus.proxi
Hello
Using freeipa 4.3.1-0ubuntu1 on Ubuntu 16.04 servers.
I have setup a FreeIPA master server with the following commands:
apt install freeipa-server
ipa-server-install --setup-dns --mkhomedir --auto-forwarders \
--no-reverse --hostname=ewserv-auth01-prod.unix.ewadmin.ch \
Hello Rob
2016-05-18 16:21 GMT+02:00 Rob Crittenden :
> Alexander Skwar wrote:
>>
>> Hello Rob
>>
>> 2016-05-12 0:06 GMT+02:00 Rob Crittenden :
>>>
>>>
>>> Alexander Skwar wrote:
>> Important parts here:
>>
>> - [USER_AUTH_F
Hello Rob
2016-05-12 0:06 GMT+02:00 Rob Crittenden :
>
> Alexander Skwar wrote:
>> The WAF would then send username and password to FreeIPA (using LDAP)
>> and would need to get back, whether the combination was good or not.
>>
>> Is that scenario doable with FreeIP
hether the combination was good or not.
Is that scenario doable with FreeIPA and LDAP? Would anyone maybe even know
of some good howtos or links? Any gotchas, that we'd need to be aware of?
Thanks a lot and „Viele Grüße” 😃
Alexander Skwar
--
Manage your subscription for the Freeipa-users mail
Hello Alexander ;)
2015-11-30 10:38 GMT+01:00 Alexander Bokovoy :
> HBAC is enforced by SSSD over PAM. All you need to ensure is that an
> application (sshd in this case) uses PAM. Then you setup HBAC rules,
> disable allow_all rule, and then SSSD will verify rules on logon via
> sshd, checking a
Hello
I'm trying to setup our FreeIPA 4.1.0 (RHEL 7) servers with Ubuntu 14.04
FreeIPA 3.3.4 clients so, that users in a user group called "customers"
can only access hosts, which are in a host group called "test". Users
from the user group "ops" should be able to access all systems (ie.
"prod" sy
ered everything right. I'm attaching
the log.
Best regards,
Alexander
2015-10-06 15:01 GMT+02:00 Sumit Bose :
> On Tue, Oct 06, 2015 at 11:26:42AM +0200, Alexander Skwar wrote:
> > Hi
> >
> > With further debugging, I discovered, that I messed up the
>
se letters.
After having changed that to uppercase letters (ie. "krb5_realm =
CUSTOMER.COMPANY.INTERNAL"), it works fine.
Thanks for your time and help ;)
Cheers,
Alexander
2015-10-05 14:07 GMT+02:00 Sumit Bose :
> On Mon, Oct 05, 2015 at 09:00:13AM +0200, Alexander Skwar wrote:
>
Hi
Hm, when I'm root, "kinit -k" works:
# kinit -k
#
Just not as a user. As a user, I get the "kinit: Permission denied while
getting initial credentials" error message.
Regards,
Alexander
2015-10-05 9:00 GMT+02:00 Alexander Skwar <
alexanders.mailinglists+nos
uot;kinit -k".
Also after the "kinit -k", nothing is in the krb5_child.log.
Regards,
Alexander
2015-10-02 17:59 GMT+02:00 Jakub Hrozek :
> On Fri, Oct 02, 2015 at 04:28:57PM +0200, Alexander Skwar wrote:
> > Hello
> >
> > How do I get password authentication to
Hello
How do I get password authentication to work with freeipa-client
3.3.4-0ubuntu3.1 on Ubuntu 14.04 for ssh and sudo?
Long version follows :)
We've got an IPA server with the Red Hat Identity Management server
on RHEL 7.1 servers; FreeIPA v4.1.0 is being used there. I configured
users and gr
13 matches
Mail list logo