HI List,
how can i solve this? is this a bug ,normal behavior or any missing
configuration from my end,
Till now i didn't get ant clue on this.
Regards
Ben
On Thu, Jan 5, 2017 at 1:21 PM, Fraser Tweedale <ftwee...@redhat.com> wrote:
> On Thu, Jan 05, 2017 at 01:08:58PM +0300, Ben
: man:firewalld(1)
[root@zkwipamstr01 ~]# sestatus
SELinux status: disabled
On Thu, Jan 5, 2017 at 1:05 PM, Fraser Tweedale <ftwee...@redhat.com> wrote:
> On Thu, Jan 05, 2017 at 12:43:47PM +0300, Ben .T.George wrote:
> > HI,
> >
> > on master server and rep
or.
is this service restart pki-tomcatd@pki-tomcat only applicable on master
server?
Regards,
Ben
On Thu, Jan 5, 2017 at 11:12 AM, Petr Vobornik <pvobo...@redhat.com> wrote:
> On 01/05/2017 07:10 AM, Ben .T.George wrote:
> > HI
> >
> > yes i did the same and still po
t; On Wed, Jan 04, 2017 at 03:12:12PM +0300, Ben .T.George wrote:
> > HI
> >
> > port 8009 is not listening in master server
> >
> > and i added ::1 localhost localhost.localdomain localhost6
> > localhost6.localdomain6 in hosts file.
> >
HI
anyone please help me to fix this.
Regards,
Ben
On Wed, Jan 4, 2017 at 3:12 PM, Ben .T.George <bentech4...@gmail.com> wrote:
> HI
>
> port 8009 is not listening in master server
>
> and i added ::1 localhost localhost.localdomain localhost6
> localhost6.lo
,
Ben
On Wed, Jan 4, 2017 at 2:05 PM, Petr Vobornik <pvobo...@redhat.com> wrote:
> On 01/04/2017 10:59 AM, Ben .T.George wrote:
> > HI
> >
> > i tried the method mentioned on that document and it end up with below
> error. My
> > DNS is managed by external b
HI
while trying to create ipa replica, i am getting below error,
Replica creation using 'ipa-replica-prepare' to generate replica file
is supported only in 0-level IPA domain.
The current IPA domain level is 1 and thus the replica must
be created by promoting an existing IPA client.
To set up
HI,
thanks for your information. I have validated logs.
i destroyed the current kerberos ticket and re-initiated, then the issue
solved.
Regards,
Ben
On Tue, Dec 20, 2016 at 2:24 PM, Jakub Hrozek <jhro...@redhat.com> wrote:
> On Tue, Dec 20, 2016 at 01:19:15PM +0300, Ben .T.Geo
Hi List,
please help me to implement sudo rules.
i have did below steps and still not working for me.
1. created "Sudo Command Groups"
2. Added some command (/bin/yum) and included in sudo group
3. created "sudo Rule" on that
* added sudo Option as "!authenticate"
* Added User Group.
Hi List,
please help me to implement sudo rules.
i have did below steps and still not working for me.
1. created "Sudo Command Groups"
2. Added some command (/bin/yum) and included in sudo group
3. created "sudo Rule" on that
* added sudo Option as "!authenticate"
* Added User Group.
HI
How to disable first time password change on newly created user from web UI
Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
HI List,
>From where can i get latest IPA repo for centos. the repo which i was using
on copr is not working now.
please anyone help me to sort it out.
Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to
Hi List,
always https://copr.fedorainfracloud.org/ is down, is there any alternative
repo were i can get IPA 4.4?
Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the
il.com>
wrote:
>
>
> On Sun, May 29, 2016 at 7:11 PM, Ben .T.George <bentech4...@gmail.com>
> wrote:
>
>> Hi
>>
>> I would like to know how can i proceed with best practices
>>
>> My AD domain is : corp.examle.com.kw
>> My DNS (appliances
Hi
I would like to know how can i proceed with best practices
My AD domain is : corp.examle.com.kw
My DNS (appliances ) : kw.test.com
All my clients are pointed to kw.test.com including AD.
How can i proceed with Free IPA installation? where i need to manage DNS of
freeipa master server?
<aboko...@redhat.com>
wrote:
> On Fri, 27 May 2016, Ben .T.George wrote:
>
>> HI
>>
>> i ran some commands from AD side and the Trust status got changed.Below is
>> the command i used on AD
>>
>> netdom trust /d: /verify
>>
>>
TC_TABS\Domain Users: trusted domain object not found *
-
Number of members added 0
-
This is what my trust properties from AD. Trust type is showing as realm
[image: Inline image 1]
How can i fix this issue.
On Thu, May 26, 2016 at 10:32 PM, Ben
example.com). I'm not familiar with setting up FreeIPA with an
> external DNS, but I'm sure there are some instructions out there.
>
> -Mike
>
> -Original Message-
> From: "Ben .T.George"
> Sent: May 23, 2016 2:22 PM
> To: Michael ORourke
> Cc: freeipa-us
cipate in the
> FreeIPA domain into the new DNS zone.
>
> -Mike
>
> -Original Message-
> From: "Ben .T.George"
> Sent: May 23, 2016 10:44 AM
> To: Michael ORourke
> Cc: freeipa-users
> Subject: Re: [Freeipa-users] What id my AD domain user password not
nd give you the
> key. You don't have to be a Windows expert to do this, just ask your
> domain admin to do the steps for you. Also, you will need to setup a
> separate DNS zone and some forwarding rules. Otherwise you are going to
> have problems.
>
> -Mike
>
>
> -Ori
-shared key. That may be more acceptable to
> him.
>
> -Mike
>
> -Original Message-
> From: "Ben .T.George"
> Sent: May 23, 2016 8:42 AM
> To: freeipa-users
> Subject: [Freeipa-users] What id my AD domain user password not available
>
> Hi L
AD windows are different for me.
Regards
Ben
On 23 May 2016 16:13, "Martin Babinsky" <mbabi...@redhat.com> wrote:
> On 05/23/2016 02:42 PM, Ben .T.George wrote:
>
>> Hi LIst,
>>
>> my Windows domain Admin is not giving domain admin user password.
>>
>> in t
Hi LIst,
my Windows domain Admin is not giving domain admin user password.
in this case how can i proceed ipa trust-add
regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on
gt; automount maps which is working fine for us.
> I wonder if you could do some sort of CIFS home dir automount with a SAN
> that is joined to an AD domain which is trusted by FreeIPA? Seems like
> this would be feasible.
>
> -Mike
>
> -Original Message-
> Fr
HI LIst,
Is it possible to mount home directories of AD authenticated users from
external source(like san or fileshare)
Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on
HI All
again repo is down.
Regards,
Ben
On Mon, May 2, 2016 at 2:04 PM, Alexander Bokovoy <aboko...@redhat.com>
wrote:
> On Mon, 02 May 2016, Ben .T.George wrote:
>
>> HI
>>
>> thanks
>>
>> yes now it's working and yesterday it was not.
>>
HI
So basically RBAC cannot apply against system user (ssh) ?
On Mon, May 16, 2016 at 11:29 AM, Alexander Bokovoy <aboko...@redhat.com>
wrote:
> On Sat, 14 May 2016, Ben .T.George wrote:
>
>> Hi List,
>>
>> i have one working setup with HBAC and sudo rules.
&
HI Marc,
thanks for the explanation.
can you please share some kind of implementation guide for this?
On Mon, May 16, 2016 at 3:45 AM, Marc Boorshtein <
marc.boorsht...@tremolosecurity.com> wrote:
> > I would like to know more about RBAC. like what is RBAC and what can be
> > achieved with
Hi List,
i have one working setup with HBAC and sudo rules.
I would like to know more about RBAC. like what is RBAC and what can be
achieved with RBAC.
anyone please share some good topics about this as i am getting so many and
the information's mentioned on those are different.
Thanks &
HI
thanks
yes now it's working and yesterday it was not.
regards,
Ben
On Mon, May 2, 2016 at 1:54 PM, Martin Basti <mba...@redhat.com> wrote:
>
>
> On 01.05.2016 10:24, Ben .T.George wrote:
>
> Hi All,
>
> again link for IPA 4.3.1 is offline
>
> https://
HI All
sudo rules got worked .actually i tried after 6 hours, what is the default
time to get affect this rule affect normally, is there any way to manually
pull changes from client?
Regards,
Ben
On Sun, May 1, 2016 at 11:46 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> HI
&
HI
i have a working setup of FreeIPA 4.3 with AD integrated, I can able to
apply HBAC rules and from client side it's working.
how can i apply sudo rules to that specific POSIX group.
i have created sample rue and added 2 commands put option as !authenticate
and attached this rule to client,
HI LIst,
i dont; know how to explain this issue. I was trying IPA 4.3.1
while adding DNS, i am getting below error
[root@global tmp]# ipa dnsforwardzone-add kwttestdc.com.kw
--forwarder=192.168.37.131 --forward-policy=only
Server will check DNS forwarder(s).
This may take some time, please wait
port 53 anwered The DNS
operation timed out.; Server 127.0.0.1 UDP port 53 anwered SERVFAIL.
this is the first time i am seeing this error.
On Sun, May 1, 2016 at 3:30 PM, Ben .T.George <bentech4...@gmail.com> wrote:
> HI LIst,
>
> i dont; know how to explain this issue. I was t
Hi All,
again link for IPA 4.3.1 is offline
https://copr.fedorainfracloud.org/coprs/g/freeipa/freeipa-4-3-centos-7/
On Tue, Apr 12, 2016 at 4:19 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> Hi
>
> Wow.Thanks for your fast response.
>
> Regards
> Ben
> On
and here is my sssd debug log from client side
http://pastebin.com/ud2q3FR5
On Sat, Apr 30, 2016 at 10:06 AM, Ben .T.George <bentech4...@gmail.com>
wrote:
> Hi
>
> Adding this this.
>
> in AD i habe added 2 users , ben and jude. In my HBAC rule, i pointed this
>
ad_can_login
Not matched rules: local_admin_can_login
so my hbac is working partially. How can i fix this.
Regards,
Ben
On Fri, Apr 29, 2016 at 7:27 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> surprisingly i have created some local IPA users and added to same HBAC
> rule, and re
HI All
this issue has solved
On Sat, Apr 30, 2016 at 9:16 AM, Ben .T.George <bentech4...@gmail.com>
wrote:
> when i am running ipa trust-fetch-domains "kwttestdc.com.kw" , i am
> getting below error in error_log
>
> [Sat Apr 30 09:14:25.107449 2016] [:error] [
@IDM.LOCAL: trust_fetch_domains(u'kwttestdc.com.kw',
rights=False, all=False, raw=False, version=u'2.156'): ServerCommandError
On Sat, Apr 30, 2016 at 12:00 AM, Ben .T.George <bentech4...@gmail.com>
wrote:
> Hi
>
> Anyone please help me to fix this issue.
>
> i have create
*member group: KWTTESTDC\test admins: Cannot find specified domain or
server name*
*-*
*Number of members added 0*
---------
On Fri, Apr 29, 2016 at 4:41 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> Hi
>
> while issuing ipa trust-
surprisingly i have created some local IPA users and added to same HBAC
rule, and removed AD grop ad applied this rule to client, and that got
worked.
How can i make this AD group with HBAC working?
Regards,
Ben
On Fri, Apr 29, 2016 at 7:12 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
HI
If i disable allow_all <https://freeipa.idm.local/ipa/ui/#allow_all> rule,
i cannot able to login to client machine.
On Fri, Apr 29, 2016 at 7:05 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> HI
>
> actually i have added Domain Admins and the user ben is not pa
...@kwttestdc.com.kw <us...@kwttestdc.com.kw>*),1827801105(sudo
adm...@kwttestdc.com.kw)
On Fri, Apr 29, 2016 at 6:58 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> HI
>
> while explaning here it went wrong. actually i did is"
> Added external group to POSIX group&q
HI
while explaning here it went wrong. actually i did is"
Added external group to POSIX group"
On Fri, Apr 29, 2016 at 6:56 PM, Jakub Hrozek <jhro...@redhat.com> wrote:
> On Fri, Apr 29, 2016 at 06:32:28PM +0300, Ben .T.George wrote:
> > HI,
> >
> > "T
ee details in the error_log
Thanks & Regards,
Ben
On Fri, Apr 29, 2016 at 6:33 PM, Ben .T.George <bentech4...@gmail.com>
wrote:
> Hi Alex,
>
> yea my mistake.
>
> i was following u this
>
>
> http://www.freeipa.org/page/Active_Directory_trust_setup#Allow_access_
Hi Alex,
yea my mistake.
i was following u this
http://www.freeipa.org/page/Active_Directory_trust_setup#Allow_access_for_users_from_AD_domain_to_protected_resources
On Fri, Apr 29, 2016 at 6:03 PM, Alexander Bokovoy <aboko...@redhat.com>
wrote:
> On Fri, 29 Apr 2016, Ben .T.Geo
HI,
"The other is that the groups might not show up on the client (do they?)"
how can i check that.
Thanks
Ben
On Fri, Apr 29, 2016 at 5:59 PM, Jakub Hrozek <jhro...@redhat.com> wrote:
> On Fri, Apr 29, 2016 at 05:38:30PM +0300, Ben .T.George wrote:
> > Hi List,
>
Hi List,
I have working setup of one AD, one IPA server and one client server. by
default i can login to client server by using AD username.
i want to apply HBAC rules against this client server. For that i have done
below steps.
1. created External group in IPA erver
2. created local POSIX
Hi
while issuing ipa trust-fetch-domains, i am getting below error.
i have created new security group in AD and i want to add this to external
group.
[root@freeipa ~]# ipa trust-fetch-domains "kwttestdc.com.kw"
ipa: ERROR: error on server 'freeipa.idm.local': Fetching domains from
trusted fo
HI
Thanks for your reply.
can i do this external group mapping from web UI?
On Fri, Apr 29, 2016 at 10:50 AM, Jakub Hrozek <jhro...@redhat.com> wrote:
> On Fri, Apr 29, 2016 at 12:03:42AM +0300, Ben .T.George wrote:
> > Hi List,
> >
> > i have a working setup of IPA
Hi List,
i have a working setup of IPA with AD integrated and one client joined.
i want to implement HBAC rules against this client. can anyone please share
me good articles of implementing HBAC from web UI.
Thanks & Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
Hi LIst,
getting below error while adding conditional forwarder for AD domain on IPA
[root@ipa ~]# ipa dnsforwardzone-add ad.example.com
--forwarder=192.168.37.131 --forward-policy=only
Server will check DNS forwarder(s).
This may take some time, please wait ...
ipa: ERROR: DNS check for domain
he ‘Identity Management’ section in the RHEL
> documentation:
>
>
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/
>
>
>
> Josh
>
>
>
> *From:* freeipa-users-boun...@redhat.com [mailto:
> freeipa-users-boun...@redhat.com] *On B
Hi List,
Ffrom where can i get repo details for FreeIPA 4.3.1 version. the link
provided in website is broken.
https://www.freeipa.org/page/Releases/4.3.1
please someone give me right package details.
Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
;; MSG SIZE rcvd: 68
On Wed, Apr 8, 2015 at 1:27 PM, Traiano Welcome trai...@gmail.com wrote:
Hi Ben
On Wed, Apr 8, 2015 at 12:39 PM, Ben .T.George bentech4...@gmail.com
wrote:
HI
i am getting krb5kdc: Server error on ligs:
krb5kdc: Server error - while fetching master key K/M
HI
i am getting krb5kdc: Server error on ligs:
krb5kdc: Server error - while fetching master key K/M for realm SUN.LOCAL
and the ipactl status is taking long time. Web interface is not able to
athenticate.
If i issue ipactl restart, noting is happening
to solve this issue currently i am
HI
i was facing the same issue last week and it got fixed now.
always user WUI from firefox. install Kerbros plugin and certificate from
ipa help page
check time(ntp)
Destroy and recreate ticket (Kdestroy kinit admin)
restart krb5kdc,sssd httpd services
restart ipactl (ipactl restart)
no, it's because of wrong ticket i guess.
try the steps and let us know the output
On Fri, Apr 3, 2015 at 2:23 PM, Andrew Holway andrew.hol...@gmail.com
wrote:
On Friday, 3 April 2015, Ben .T.George bentech4...@gmail.com wrote:
HI
i was facing the same issue last week and it got fixed
everything is default.
but now the issue solved after many restart,kinit ipactl restart
don't still don't know how it got fixed
Regards,
Ben
On Wed, Apr 1, 2015 at 8:31 PM, Nalin Dahyabhai na...@redhat.com wrote:
On Wed, Apr 01, 2015 at 07:45:10PM +0300, Ben .T.George wrote:
HI
yes i
/2015 12:32 PM, Ben .T.George wrote:
Hi
I have re-installed verything from RHEL 7.1 DVD and current ipa version
is 4.0.1
everything is working including AD trust.
but my web interface always giving Your session has expired. Please
re-login.
i faced the issue before that time i destroyed
Hi
I have re-installed verything from RHEL 7.1 DVD and current ipa version is
4.0.1
everything is working including AD trust.
but my web interface always giving Your session has expired. Please
re-login.
i faced the issue before that time i destroyed kerbros ticket (Kdestroy)
and initiated
HI
i have checked from chrome and got 401 error: This is what exactly i
reported 3 weeks back :(
http://s1.postimg.org/41ik3o1hr/kerb.jpg
Regards,
Ben
On Wed, Apr 1, 2015 at 7:45 PM, Ben .T.George bentech4...@gmail.com wrote:
HI
yes i have creared cache. tried from different browsers
at 9:19 PM, Rob Crittenden rcrit...@redhat.com wrote:
Ben .T.George wrote:
please anyone share bit more information on this like real example
As we've said many times before, we have very little real experience on
Solaris. We do the best we can and sometimes that is going to be in the
form
HI
i am using IPA 3.3 and my client is solaris 10.
how can i give only some set of users to this client without creating user
group in ad?
thanks Regards,
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to
please anyone share bit more information on this like real example
On Tue, Mar 24, 2015 at 9:03 PM, Rob Crittenden rcrit...@redhat.com wrote:
Dmitri Pal wrote:
On 03/24/2015 01:15 PM, Ben .T.George wrote:
Hi
current stage is AD users can able to login to solaris box. But i
don't up
:
On 03/24/2015 07:20 AM, Ben .T.George wrote:
HI
i am using IPA 3.3 and my client is solaris 10.
how can i give only some set of users to this client without creating
user group in ad?
thanks Regards,
Ben
You can create a group in IPA and make Solaris check that group
HI
i created the home directory manually and copied the profile.
i tried to access the solaris box from putty and still it's not accepting
password.
On Mon, Mar 23, 2015 at 11:03 AM, Ben .T.George bentech4...@gmail.com
wrote:
HI List
finally after soo much struggling now i can able
HI List
finally after soo much struggling now i can able to login solaris box as AD
user.
but auto home directory creation still have issue. for that i need to
compile some modules.
The issue i am facing is i cannot able to login to solaris box after
editing pam.conf file.here is the conf file
Hi
i am getting ipa: ERROR: CIFS server communication error: code
-1073741771,
while doing
[root@kwtpocpbis02 ~]# ipa trust-add --type=ad infra.com --admin
Administrator --password
Active Directory domain administrator's password:
ipa: ERROR: CIFS server communication error: code -1073741771,
HI
thanks for the reply
i have created PTR record for IPA server under reverse lookup zone manually
and ipa server resolving from AD
how can i solve trhis issue.?
On Wed, Mar 18, 2015 at 12:15 PM, Alexander Bokovoy aboko...@redhat.com
wrote:
On Wed, 18 Mar 2015, Ben .T.George wrote:
Hi
HI
i saw the this in BZ and it's closed my mentioning it's got resolved on
RHEL/Centos 7.
But i am already using 7 .
please anyone help me to fix this?
Regards,
Nem
On Wed, Mar 18, 2015 at 11:19 AM, Ben .T.George bentech4...@gmail.com
wrote:
Hi
i am getting ipa: ERROR: CIFS server
weight = 100
port = 389
svr hostname = kwtpocpbis02.solaris.com
kwtpocpbis02.solaris.cominternet address = 172.16.107.135
On Wed, Mar 18, 2015 at 12:21 PM, Ben .T.George bentech4...@gmail.com
wrote:
HI
thanks for the reply
i have created
Bokovoy aboko...@redhat.com
wrote:
On Wed, 18 Mar 2015, Ben .T.George wrote:
no,
this is new host-name i am choosed.
anyway how to check is there any existing solaris.com in AD, under DNS
management, i cannot see anything
You can search with ldapsearch, something like this, from IPA master
no,
this is new host-name i am choosed.
anyway how to check is there any existing solaris.com in AD, under DNS
management, i cannot see anything
Regards,
Ben
On Wed, Mar 18, 2015 at 12:45 PM, Alexander Bokovoy aboko...@redhat.com
wrote:
On Wed, 18 Mar 2015, Ben .T.George wrote:
HI
i saw
,DC=com
# search result
search: 2
result: 0 Success
# numResponses: 4
# numReferences: 3
You have new mail in /var/spool/mail/root
but there is no solaris.com in this output
On Wed, Mar 18, 2015 at 1:38 PM, Alexander Bokovoy aboko...@redhat.com
wrote:
On Wed, 18 Mar 2015, Ben .T.George wrote
HI List
i was following this link :
http://www.freeipa.org/page/Active_Directory_trust_setup#Assumptions
to setup IPA server
my IPA version is 4.1.2
every setps in this tutorials was passed without any error
even *Allow access for users from AD domain to protected resources*
went successfully
...@infra.com from 10.18.2.130 port 64782 ssh2
Mar 17 12:44:59 kwtpocpbis01 sshd[15840]: pam_unix(sshd:session): session
opened for user b...@infra.com by (uid=0)
On Tue, Mar 17, 2015 at 12:09 PM, Jakub Hrozek jhro...@redhat.com wrote:
On Tue, Mar 17, 2015 at 11:37:24AM +0300, Ben .T.George wrote
Hi all
how can i fix this issue.? even i tried to trust add AD again. that too
failed.
from where i need to troubleshoot ?
On Tue, Mar 17, 2015 at 3:02 PM, Ben .T.George bentech4...@gmail.com
wrote:
Hi
i did kinit
[root@kwtpocpbis01 sssd]# kinit -kt /etc/dirsrv/ds.keytab
kinit: Keytab
replied to ping
On Tue, Mar 17, 2015 at 1:27 PM, Jakub Hrozek jhro...@redhat.com wrote:
On Tue, Mar 17, 2015 at 12:57:27PM +0300, Ben .T.George wrote:
HI
i have enabled debug
here is my sssd.conf
[root@kwtpocpbis01 ~]# cat /etc/sssd/sssd.conf
[domain/solaris.local
]]]
[delayed_online_authentication_callback] (0x0200): Backend is online,
starting delayed online authentication.
On Tue, Mar 17, 2015 at 2:23 PM, Ben .T.George bentech4...@gmail.com
wrote:
HI
i have changed like this:
[root@kwtpocpbis01 yum.repos.d]# more /etc/sssd/sssd.conf
[domain/solaris.local
...@redhat.com wrote:
On Tue, Mar 17, 2015 at 02:38:41PM +0300, Ben .T.George wrote:
here is separated logs:
tail -f sssd_solaris.local.log
Thank you, see inline:
(Tue Mar 17 14:35:45 2015) [sssd[be[solaris.local]]] [sdap_get_tgt_recv]
(0x0400): Child responded: 14 [Decrypt integrity
...@redhat.com
wrote:
On Tue, 17 Mar 2015, Ben .T.George wrote:
Hi
i did kinit
[root@kwtpocpbis01 sssd]# kinit -kt /etc/dirsrv/ds.keytab
kinit: Keytab contains no suitable keys for
host/kwtpocpbis01.solaris.local@SOLARIS.LOCAL while getting initial
credentials
i destroyed and re-created
HI
the user Ben is from Ad, how can i assign shell to that user.?
Regards,
Ben
On Sun, Mar 15, 2015 at 7:14 PM, Gianluca Cecchi gianluca.cec...@gmail.com
wrote:
Il 15/Mar/2015 11:04 Ben .T.George bentech4...@gmail.com ha scritto:
here is the getent passwd:
skipped
nobody4:x:65534
HI
i am using free ipa 4.1.2 on centos 7.
from root user, i can able to switch to IPA user : su ben
but from any other user if i try that, it's asking for password. if i gave
the correct passord also, its not accepting .This is what i am getting
bash-3.2$ su jude
Password:
su: Sorry
and on
[mailto:
freeipa-users-boun...@redhat.com] *On Behalf Of *Ben .T.George
*Sent:* Wednesday, March 11, 2015 11:22 AM
*To:* dpal
*Cc:* freeipa-users
*Subject:* Re: [Freeipa-users] how can i create home directories
automatically on solaris while IPA user login
from BZ
While we value your interest
: [Freeipa-users] how can
i create home directories automatically on solaris while IPA user login Date:
Wed, 11 Mar 2015 21:22:02 +0300 From: Ben .T.George
bentech4...@gmail.com bentech4...@gmail.com Reply-To:
bentech4...@gmail.com To: dpal d...@redhat.com d...@redhat.com CC:
freeipa-users
related to that.
now i am little bit confident up to this level. and if everything is
working fine, i will try to create automated script for IPA join
Regards,
Ben
On Wed, Mar 11, 2015 at 7:32 PM, Dmitri Pal d...@redhat.com wrote:
On 03/11/2015 09:50 AM, Ben .T.George wrote:
HI
i can able
, Rob Crittenden rcrit...@redhat.com
wrote:
Ben .T.George wrote:
HI
thanks for the rply.
even i tried native auto_master file with directory checking script. if
i feed the user manually to the script, the directory is creating and
while login request comes, it didn't.
i don't think
not authenticate with AD, IPA
user can login on solaris box
On Wed, Mar 11, 2015 at 9:11 PM, Dmitri Pal d...@redhat.com wrote:
On 03/11/2015 01:56 PM, Ben .T.George wrote:
HI
yea , i saw that mail thread and he claims that he achieved somehow. but
not clear.
and the steps mentioned is too
wiki :) as there are
many solaris related documents which is pretty old.
anyway still waiting for rply
Regards,
Ben
On Wed, Mar 11, 2015 at 8:49 PM, Dmitri Pal d...@redhat.com wrote:
On 03/11/2015 01:18 PM, Ben .T.George wrote:
HI
thanks for the rply.
even i tried native auto_master
HI
i can able to reach upto level that IPA user can able to login on solaris
box,
but how can i create home directories automatically on solaris while IPA
user login.
even i change the shell in IPA web interface that is getting affected. i
saw some option in IPA 3.3 web interface like automount
, thanks for information. I would still love to know the real root
cause, but
we will now find it now I assume.
Of this issue re-appears, let us know :-)
Thanks,
Martin
On 03/09/2015 09:10 AM, Ben .T.George wrote:
Hi Martin,
thanks for your replay.
yesterday i did lot of this to fix
the session data?
Thanks,
Martin
On 03/08/2015 11:44 AM, Ben .T.George wrote:
i was inspecting the page and got below response.
http://s21.postimg.org/itv5hf0h3/asdasd.jpg
http://s3.postimg.org/f6knomt1f/Capture.jpg
please anyone help me to solve this issue. i just want to create
ed (, Unknown error), referer:
https://kwtpocpbis01.solaris.local/ipa/ui/
On Sun, Mar 8, 2015 at 12:48 PM, Ben .T.George bentech4...@gmail.com
wrote:
Hi i checked the services and below is my output
[root@kwtpocpbis01 ipa_memcached]# ps -ef | grep ipa_memcached
apache
: RUNNING
smb Service: RUNNING
winbind Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
ipa: INFO: The ipactl command was successful
On Sun, Mar 8, 2015 at 10:54 AM, Ben .T.George bentech4...@gmail.com
wrote:
HI
i have free IPA 4.1.2 installed.
my web ui always giving
] [:error] [pid 3003] ipa: DEBUG: no
ccache, need login
[Sun Mar 08 13:16:29.922265 2015] [:error] [pid 3003] ipa: DEBUG:
jsonserver_session: 401 Unauthorized need login
On Sun, Mar 8, 2015 at 1:02 PM, Ben .T.George bentech4...@gmail.com wrote:
this is the error mesage i am getting on httpd
HI
i have free IPA 4.1.2 installed.
my web ui always giving Your session has expired. Please re-login. even i
tried from different computer.different browsers..
how can i fix this.?
--
Manage your subscription for the Freeipa-users mailing list:
i was inspecting the page and got below response.
http://s21.postimg.org/itv5hf0h3/asdasd.jpg
http://s3.postimg.org/f6knomt1f/Capture.jpg
please anyone help me to solve this issue. i just want to create one local
user in IPA
On Sun, Mar 8, 2015 at 1:17 PM, Ben .T.George bentech4...@gmail.com
Hi list
i have working IPA server were AD users can login to IPA server
how can i configure solaris 10 as IPA 4.1.2 client.?
i saw many tutorials in IPA domain and got confused . Which one i need to
follow
currently i am trying with X86 version of solaris and later i need to try
on SPARC
Hi
i have re-installed everything . my current versions are Centos 7 with IPA
4.1
i followed this tutorial:
http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup
when i fetch , it went successful:
*[root@kwtpocpbis01 ~]# ipa trustdomain-find infra.com http://infra.com*
* Domain name:
1 - 100 of 126 matches
Mail list logo