...@redhat.com] On Behalf Of Innes, Duncan
Sent: 04 August 2015 12:10
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FreeIPA and sudo Defaults
Information:
IPA server and client both running on RHEL 6.7 fully patched.
IPA server version: ipa-server-3.0.0-47.el6.x86_64
sssd client version
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Which client is noisy?
On 1.6.2015 10:56, Innes, Duncan wrote:
We don't have access to the _SRV_ records as the AD domain controls
that, so we had to hard code the main and failover servers on the
Side note:
It sounds that your FreeIPA
ones back
up. This page was of high value at that time. It's still useful for an
occasional check of the status.
D
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: 06 February 2015 14:06
To: Innes, Duncan; Baird, Josh; freeipa-users@redhat.com
Subject: Re
- it's a while
ago that I sorted it out.
HTH
Duncan
-Original Message-
From: Baird, Josh [mailto:jba...@follett.com]
Sent: 05 February 2015 17:08
To: Innes, Duncan; Rob Crittenden; freeipa-users@redhat.com
Subject: RE: [Freeipa-users] Real-time replication status (RFE)?
That would
The screen mockup in that ticket is based on a Perl script that I stuck
in cgi-bin to pull just those stats off each IPA server I have and
display them. Can share the code if you're interested.
D
-Original Message-
From: freeipa-users-boun...@redhat.com
Our standard RHEL6 OS install worked perfectly well for testing IPA with
larger user/host numbers:
part /boot --fstype=ext4 --size=256 --ondisk=sda --fsoptions noatime
part pv.01 --size=1000 --grow --ondisk=sda
volgroup vg_root pv.01
logvol / --vgname=vg_root --name=lv_root
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Dmitri Pal
Sent: 20 December 2014 03:37
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Logging: IPA to Rsyslog to Logstash
On 12/19/2014 11:35 AM, Innes
Earlier this year I said I'd feed back how my IPA to Rsyslog to Logstash
experiments went.
They went badly. And I didn't get much time. Today, however, I managed
to get over my imaginary finishing line:
All systems are RHEL 6.6.
Rsyslog (rsyslog7-7.4.10) is configured to import logs from some
Bump
Back to work now - do you want RFE's written up for this stuff, or do
you have it in hand?
D
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Innes, Duncan
Sent: 31 July 2014 21:47
To: d...@redhat.com; Martin Kosek
/18/2014 09:23 AM, Martin Kosek wrote:
On 07/18/2014 03:12 PM, Dmitri Pal wrote:
On 07/18/2014 08:17 AM, Innes, Duncan wrote:
Hi Petr,
On 18/07/2014 11:24, Petr Vobornik wrote:
Hello Duncan,
thank you for the input. If you or somebody else have any Web UI
ideas/RFEs, feel free to write
Just poking around the new 4.0 demo page and very much liking what I
see. This will make a big difference in use on large estates.
A couple PatternFly related questions though:
1. The tables don't sort by column if I click on a column header. Is
this not available in PatternFly yet, or have
Hi Petr,
On 18/07/2014 11:24, Petr Vobornik wrote:
Hello Duncan,
thank you for the input. If you or somebody else have any Web UI
ideas/RFEs, feel free to write them down. I would like to
know what people don't like or would like to have.
On 18.7.2014 10:21, Innes, Duncan wrote:
Just
I may be jumping the gun slightly, but I'm wondering when the demo site
will be upgraded to FreeIPA 4.0?
Cheers
D
This message has been checked for viruses and spam by the Virgin Money email
scanning system powered by Messagelabs.
This e-mail is intended to be confidential to the recipient.
Hi folks,
Is there any movement towards getting FreeIPA to use more standard
logging tools? Journald or rsyslog.
Wondering because at the moment, the rotation of logs is non standard
compared to most of the rest of our estate. It would be a boost for us
to know that rsyslog/journald are
Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: 17 June 2014 17:07
To: Innes, Duncan; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Standard Logging
Innes, Duncan wrote:
Hi folks,
Is there any movement towards getting FreeIPA to use more standard
logging
This is good to see - sometimes difficult to be allowed to pop up
another dev IPA server in a corporate network.
Is it possible to determine the current running version of IPA from the
Web interface? Never had to do this as I've always had console access
to my servers, but I can't find anywhere
I've already seen some screenshots - it's a *big* improvement!
-Original Message-
From: Martin Kosek [mailto:mko...@redhat.com]
Sent: 06 June 2014 09:08
To: Innes, Duncan; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FreeIPA public demo available
Good question. Note
I'm starting to log IPA to a central point too. I'd hoped the A part of
IPA would have arrived, but other functionality has pushed it down the
priority list. Would be good to see it arrive as something integrated
with systemd/journald with fully separated log fields instead of a
simple log text
. application specific logs).
Cheers
Duncan
-Original Message-
From: Josh [mailto:joka...@gmail.com]
Sent: 03 June 2014 11:54
To: Innes, Duncan
Cc: freeipa-users
Subject: Re: [Freeipa-users] Setting up IPA to log remotely
On Jun 3, 2014, at 4:37 AM, Innes, Duncan
duncan.in
Martin,
Did the backup/restore scripts reach more than experimental status?
Looks like they were released in FreeIPA 3.2.
It's a problem for me that this kind of functionallity hasn't yet moved
into RHEL.
Backup/restore from some corporate use perspectives, cannot rely on
system snapshotting.
From: freeipa-users-boun...@redhat.com
freeipa-users-boun...@redhat.com on behalf of Innes, Duncan
duncan.in...@virginmoney.com
Sent: Wednesday, 5 March 2014 9:22 a.m.
To: freeipa-users@redhat.com
Subject: [Freeipa-users] Replication issue
To: Innes, Duncan; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Replication issue
On 03/04/2014 01:22 PM, Innes, Duncan wrote:
Hi,
I'm testing an upgrade of my prod IPA servers in a dev
cluster
Hi,
I'm testing an upgrade of my prod IPA servers in a dev cluster at the
moment. Finally completed the upgrade, so I tested some user adds via
the WebUI.
Added user aardvark on ipa01 - replicated to ipa02
Added user beaver on ipa02 - NOT replicated to ipa01
Added user banana on ipa02 -
Hi folks,
Just wondering if it's really the case that I have to use a cleartext
bindpw in my /etc/sudo-ldap.conf file in order to get sudoers looking at
my FreeIPA servers?
It's the first time I've looked into this side of things in FreeIPA and
it just seems a bit more clunky than other areas
Thanks,
I'll try and speed up my migration to RHEL 6.4 then :)
Duncan
-Original Message-
From: Alexander Bokovoy [mailto:aboko...@redhat.com]
Sent: 30 September 2013 17:26
To: Innes, Duncan
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] SUDOers config with cleartext
+0100, Innes, Duncan wrote:
Sorry,
-Original Message-
From: Martin Kosek [mailto:mko...@redhat.com]
Sent: 26 September 2013 14:29
To: Innes, Duncan
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Force IPA to accept password?
On 09/26/2013 01:05 PM
From: Martin Kosek [mailto:mko...@redhat.com]
Sent: 27 September 2013 09:28
To: Innes, Duncan
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Force IPA to accept password?
On 09/27/2013 09:31 AM, Innes, Duncan wrote:
From: freeipa-users-boun...@redhat.com
Hi folks,
I've got a question about kickstart enrollment with a one-time password.
Namely, is there any way that it can be done *without* the one-time
password. We're comfortable with the pre-creation of the host in IPA,
but just wonder if there's a way to enrol without the one-time password.
Are there any results you can even talk about at this stage?
If not, I'd suggest turning up the heat a notch or two to get it on the
boil :-)
I know this is FreeIPA, but RedHat shipping Identity Management as a
supported feature without any backup/restore mechanism is a pretty big
hole in
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of KodaK
Sent: 26 August 2012 05:06
To: freeipa-users@redhat.com
Subject: [Freeipa-users] Desperate help requested.
I've just been informed by my boss's boss's boss that,
will raise a ticket.
Thanks
Duncan Innes | Linux Architect
-Original Message-
From: Simo Sorce [mailto:sso...@redhat.com]
Sent: 21 August 2012 08:04
To: Innes, Duncan
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Specifying load balancing to SSSD clients
the noisy servers hitting
ipa1, for example!
It'll do for now though.
Duncan
Thanks
Duncan Innes | Linux Architect
-Original Message-
From: Simo Sorce [mailto:sso...@redhat.com]
Sent: 21 August 2012 08:04
To: Innes, Duncan
Cc: freeipa-users@redhat.com
:48:30PM +0100, Innes, Duncan wrote:
Folks,
Hopefully this isn't a dumb question, but I'm constrained by a few
things on my estate and would be looking to deploy something like
the following:
2 Datacentres
2 IPA servers at each datacentre
ipa1.domain.com \_ datacentre A
ipa2
Folks,
Hopefully this isn't a dumb question, but I'm constrained by a few
things on my estate and would be looking to deploy something like the
following:
2 Datacentres
2 IPA servers at each datacentre
ipa1.domain.com \_ datacentre A
ipa2.domain.com /
ipa3.domain.com \_ datacentre B
this
functionallity be of use to freeIPA in general? (my view = yes)
Cheers
Duncan Innes | Linux Architect
From: Mark St. Laurent [mailto:mstla...@redhat.com]
Sent: 20 August 2012 15:15
To: Innes, Duncan
Cc: freeipa-users@redhat.com
On Thu, 2012-07-19 at 07:36 -0400, Stephen Gallagher wrote:
On Thu, 2012-07-19 at 00:53 +, Steven Jones wrote:
Actually its pamunless IPA is as well.
Which makes sense then to have an application run 500 so inherently it
cannot be logged into via ssh
Well, it's
36 matches
Mail list logo