Re: [Freeipa-users] Setup of freeipa 4.1.3 failed

2015-04-01 Thread Gonzalo Fernandez Ordas
Markus Not sure if this might be related, at least is a place where to look at.. https://bugzilla.redhat.com/show_bug.cgi?id=1196455 thanks On 31/03/2015 10:54, Markus Roth wrote: Hi all, I want setup freeipa 4.1.3 on a fresh installed fedora 21. The ipa-server-install shows the following

Re: [Freeipa-users] Ubuntu sssd client -- FreeIPA Server fed from AD

2015-03-30 Thread Gonzalo Fernandez Ordas
Hi Jakub Yes, I can also include that. The configuration I was showing was a simple one, mainly I focused on the library set as it is usually the most problematic part in old distributions, but I will also include your comment as indeed makes more sense. As I was suggesting in the post, sssd

Re: [Freeipa-users] Ubuntu sssd client -- FreeIPA Server fed from AD

2015-03-30 Thread Gonzalo Fernandez Ordas
Yes, you are right. I was using the enumerate on my testing I forgot to disable the enumerate when I was templating the configuration. On 30/03/2015 07:21, Lukas Slebodnik wrote: On (30/03/15 05:36), g.fer.or...@unicyber.co.uk wrote: Hey Guys Not sure if I am missing any bit but this was

Re: [Freeipa-users] IPA Client using Source Code

2015-03-30 Thread Gonzalo Fernandez Ordas
You need the development package. that should be popt-devel If you are still using amazon you have to modify the sources to include the devel Otherwise if you feel very crafty you can get to a site such us: http://rpm.pbone.net/ and look for the relevant development package which got the

Re: [Freeipa-users] IPA Client Install on Amazon Linux

2015-03-27 Thread Gonzalo Fernandez Ordas
Yogesh My personal experience using AWS Linux and LDAP is not a good one and mostly an utter nightmare in relation to packages. Personally I would recommend you to keep away from AWS Linux and get a Centos, Fedora or Redhat. Still, if you want to go ahead, I can give you the right versions for

Re: [Freeipa-users] Ubuntu sssd client -- FreeIPA Server fed from AD

2015-03-25 Thread Gonzalo Fernandez Ordas
I have to test a few options to see how I can overcome that issue. A pity as I nearly got everything setup in full. Any findings I will get back to the list as this might be relevant for other users. On 25/03/2015 19:56, Rob Crittenden wrote: Gonzalo Fernandez Ordas wrote: Exactly

Re: [Freeipa-users] Ubuntu sssd client -- FreeIPA Server fed from AD

2015-03-25 Thread Gonzalo Fernandez Ordas
Exactly the document i was having a look at. In simple words,is possible to work this around and how,? Otherwise i have to drop freeipa and get back to 389_ds as still seems fully ldap sssd compatible. Have you got any doc clearly stating how to get this done? I really invested many days on

Re: [Freeipa-users] Fwd: Re: AD -- FreeIPA Password Sync --- Peer reports incompatible or unsupported protocol

2015-03-19 Thread Gonzalo Fernandez Ordas
Hi I have completed changed the scenario and I managed to install freeipa-server 4.1 (Somebody publish the right repo for Centos and it worked really well) --Let me double check a couple of things. You wrote you installed PassSync on Windows 2013 (which could be a typo?) We support

Re: [Freeipa-users] AD -- FreeIPA Password Sync --- Peer reports incompatible or unsupported protocol

2015-03-13 Thread Gonzalo Fernandez Ordas
I am having a look at the documentation again.. And having version 1.1.6 of the PassSync tool means: [**] 389-PassSync-1.1.6disables SSLv3 by default. And I can see in the LDAP Info from IPA that SSLv3 and SSLv2 as OFF.. So, theoretically, it should work as SSLv3 is disable on both?

[Freeipa-users] Windows AD -- LDAP (oneWay)

2015-03-12 Thread Gonzalo Fernandez Ordas
Hi I have successfully setup an AD--- freeipa Model and joining bits and pieces from 389-ds I have setup a oneWaySinc fromWindows. The issue I got for the last week is the pasword sync which does not seem to work at all, it does not matter what I do in the AD server I never get the passwords

Re: [Freeipa-users] Windows AD -- LDAP (oneWay)

2015-03-12 Thread Gonzalo Fernandez Ordas
Thanks very much for the quick reply. And that was exactly the bit I never fully understood, till now. is it known anyway of synchronising the passwords? Any recommendations on those regards? Thanks On 12/03/2015 22:13, Rich Megginson wrote: On 03/12/2015 03:07 PM, Gonzalo Fernandez