Hi all --
Just wondering if there are any good examples of using the vault
features to secure store, use passwords? I have devs that like to store
them in git and well, I will discipline them appropriately, but I wante
to see about using the vault. Is it as simple as it appears to be? Just
w
Yeah, after I sent this email, I realized what I was trying to do and
that, "Oh wait, this is not really going to work."
For what it is worth - version on RHEL 7.3 - 4.4.0-14.el7_3.7
-K
On 5/2/17 11:04 AM, Rob Crittenden wrote:
Kat wrote:
Hi all,
I am somewhat confused trying
Hi all,
I am somewhat confused trying to get the process of using an external
cert for IPA.
If I follow step 1:
ipa-server-install -a Secret123 -p Secret123 -r EXAMPLE.COM --external-ca -U
This does indeed generate a CSR, but trying to do anything with this CSR
has no success since it is not
, thinking
about it more, if I am signing certs based on LE's Cert, that might be a
bad thing from their standpoint...
Just thinking out loud and looking for some input.
Kat
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-u
rry to have troubled you.
Kat
On 4/25/17 9:30 AM, Martin Bašti wrote:
FreeIPA conflicts shouldn't prevent installing of other packages. For
me it looks like "python-zope-interface" is missing.
On 25.04.2017 16:27, Kat wrote:
Yes- this comes after IPA is installed and running (thi
't force yum to just do the install anyway unless you
download the packages directly and use rpm to install. Is that the
suggestion here?
Thanks
On 4/25/17 9:22 AM, Martin Bašti wrote:
Hello,
comments inline
On 25.04.2017 16:06, Kat wrote:
Hi all,
Trying to get letsencrypt working fo
.x86_64
ipa-server-common-4.4.0-14.el7_3.7.noarch has installed conflicts
freeipa-server-common: ipa-server-common-4.4.0-14.el7_3.7.noarch
Any ideas? Maybe this is something known in the AWS world?
Thanks
Kat
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.co
Trying to figure out a way to migrate just the user PWs - since all the
users were created with a script in the new layout, but I want to bring
over their old PWs, hashed of course, to the new IPA server.
Just thought I would check to see if anyone has tried to do that before?
~k
--
Manage y
Trying to do some testing with 4.0.2-1 on FC22/rawhide -- the install
blows up:
Configuring directory server (dirsrv): Estimated time 10 seconds
[1/3]: configuring ssl for ds instance
[2/3]: restarting directory server
ipa : CRITICAL Failed to restart the directory server. See the
i
some stats:
~2000 users
~275 groups
~largest groups = 150+ users
(a couple dozen of these)
~K
On 9/9/14 4:32 PM, Dmitri Pal wrote
Well may be the data is so big that the replication gets stuck?
May be there is some huge group membership issue or something like.
Do you have a huge group? Multi
On 9/9/14 3:18 PM, Dmitri Pal wrote:
On 09/09/2014 12:55 PM, Rich Megginson wrote:
On 09/09/2014 10:41 AM, Kat wrote:
The problem I see is simple - not being able to add additional
replicas after the migration?
What I meant to say is - Is the workaround of setting replication
first, then
The problem I see is simple - not being able to add additional replicas
after the migration?
On 9/9/14 9:24 AM, Rich Megginson wrote:
On 09/09/2014 10:12 AM, Kat wrote:
Well - here is the problem and solution:
Fails every time:
Install master, enable migration, migrate existing LDAP config
problem with migration settings??
On 9/9/14 8:25 AM, Rich Megginson wrote:
On 09/09/2014 09:20 AM, Kat wrote:
This brings up a question - if I just installed a master -- shouldn't
I be able to create the replica immediately after (even if I did a
migration from an old LDAP server?)
Yes.
e only other replica so there is nothing there. I guess time
to go digging around. It is 3.3.3 on CentOS 7..
I'll let you know if I fine anything else.
Thanks.
On 9/9/14 7:56 AM, Rich Megginson wrote:
On 09/09/2014 08:39 AM, Kat wrote:
Anyone seen this before -- 2 freshly kicked C
Anyone seen this before -- 2 freshly kicked CentOS 7 installs:
On the replica from the ipa-replica-install :
reports: Update failed! Status: [10 Total update abortedLDAP error:
Referral]
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
and then t
Hi all...
Migrating from Open LDAP and it works fine to FreeIPA to 3.x but 4.x I
get migration errors?
/Constraint violation: invalid password syntax - passwords with storage
scheme are not allowed/
I did find one reference to this in the archives, but it references
389-ds 1.3.2.20 and i a
I am working on the same thing - specifically I have found the libnl
dependencies to be the biggest headache. If I get anywhere over the
weekend, I will let you all know.
~K
On 8/23/14 12:51 PM, Dmitri Pal wrote:
On 08/23/2014 09:46 PM, Chris Whittle wrote:
Thanks Kat, so what do I need
If you look closely, the "epel-7" repo is actually empty. There are no
packages there.
So there are no packages to actually install. Only the "fedora" repos in
that same tree have packages.
~K
On 8/23/14 12:29 PM, Dmitri Pal wrote:
On 08/23/2014 08:33 PM, Chris Whittle wrote:
Thanks Dmitri
Hi,
Wondering about mixed configs and using features from the server such as
OTP. Has anyone done this with a v3 client? I know it is mostly sssd,
but wondering if there might be any gotchas.
Thanks
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailma
Hello fellow IPAers...
Just wondering what I might be doing wrong. I have servers that just
need to auth to the LDAP username/PW portion of IPA since they can't do
Kerberos right now.
What could I be missing -- I run the authconfig to setup and verify
sssd.conf, but I continue to get:
sshd
Hi,
I must be missing something obvious in getting memberof plugin to work..
Any ideas?
Thanks in advance...
~K
--
./fixup-memberof.pl -D 'cn=Directory Manager' -b
'dc=red,dc=lemon,dc=com' -w - -v
ldap_initialize( ldap://localhost:7389 )
add objectclass:
21 matches
Mail list logo