Hello,
I just did a 'yum update' from CentOS 6.5 - 6.6 on my freeipa system
(master and 2 replicas) and I seen to have run into the following bug,
https://bugzilla.redhat.com/show_bug.cgi?id=953653
On Master:
[root@srv-1 slapd-CN-LOCAL]# rpm -qa|grep ipa
ipa-client-3.0.0-42.el6.centos.x86_64
On Dec 5, 2013, at 3:20 PM, Rob Crittenden rcrit...@redhat.com wrote:
Michael Mercier wrote:
Hello,
A few details to begin:
The IPA system consists of 3 servers running on fully patched CentOS 6.5
(updated Monday night). DNS is integrated with the IPA system.
ipa-*-3.0.0-37
Hello,
A few details to begin:
The IPA system consists of 3 servers running on fully patched CentOS 6.5
(updated Monday night). DNS is integrated with the IPA system.
ipa-*-3.0.0-37.
mod_nss-1.0.8-19
openssl-1.0.1e-16
The system was upgraded from 2.2
Yesterday, I revoked a certificate
Hello,
I tried to login (ssh) to one (of three) freeipa systems running on CentOS
yesterday without success.
Running 'ssh root@service-2', the server would reply with a password prompt and
then hang. I went to the system console to discover many of the following
messages on screen:
Jun 30
Hello,
The log files are empty in /var/log/sssd, and the filesystems checked clean
after the hard boot.
Thanks,
Mike
On 2013-07-03, at 10:38 AM, Sumit Bose wrote:
On Wed, Jul 03, 2013 at 10:17:19AM -0400, Michael Mercier wrote:
Hello,
I tried to login (ssh) to one (of three) freeipa
Hello,
Named stopped on one of my IPA servers over the weekend, this was the last
message in the log file:
ldap_helper.c:627: fatal error:
RUNTIME_CHECK(((pthread_mutex_destroy(((ldap_conn-lock))) == 0) ? 0 : 34) ==
0) failed
exiting (due to fatal error in library)
Any ideas?
All other IPA
On 2013-01-14, at 8:11 PM, Dmitri Pal wrote:
On 01/14/2013 05:59 PM, William Muriithi wrote:
Hello
When I restart IPA through ipactl, I get the following message. All
seem to be working despite the message. I think it is pki-ca that is
running on tomcat
Starting httpd: [Fri Jan 11
Hello,
I missed the reply all button. See my response to Dmitri inline below.
Thanks,
Mike
Begin forwarded message:
From: Michael Mercier mmerc...@gmail.com
Date: November 5, 2012 8:10:53 PM GMT-05:00
To: d...@redhat.com
Subject: Re: [Freeipa-users] DNS / Allow PTR sync
Hello,
On 5-Nov-12
Hello,
A couple of questions regarding DNS / Allow PTR sync.
1. If you have a zone 'example.com' and you enable Allow PTR sync, should
you also enable the option in the reverse zone (e.g. 168.192.in-addr-arpa.)?
2. Do you have to wait a specified amount of time for the PTR record to be
On 2012-09-18, at 4:03 AM, Jakub Hrozek wrote:
On Mon, Sep 17, 2012 at 11:17:47AM -0400, Dmitri Pal wrote:
[root@ipaserver2 ~]ifdown eth0 # NOTE: ipaserver2 is 172.16.112.8
[root@ipaclient ~]# SSSD_KRB5_LOCATOR_DEBUG=1 kinit mike
[sssd_krb5_locator] sssd_krb5_locator_init called
On 2012-09-08, at 11:08 AM, Dmitri Pal wrote:
On 08/31/2012 09:33 AM, Michael Mercier wrote:
Hello,
I seem to be having a problem with the HBAC test:
Versions:
[root@ipaserver ipatest]# rpm -qa|grep ^ipa
ipa-server-2.2.0-16.el6.x86_64
ipa-pki-common-theme-9.0.3-7.el6.noarch
ipa-pki-ca
On 2012-09-07, at 4:50 PM, Rob Crittenden wrote:
Michael Mercier wrote:
On 2012-09-07, at 2:47 PM, Dmitri Pal wrote:
On 09/07/2012 12:42 PM, Michael Mercier wrote:
On 2012-09-07, at 12:14 PM, Dmitri Pal wrote:
On 09/06/2012 10:40 AM, Michael Mercier wrote:
Hello,
I have
On 2012-09-10, at 4:35 AM, Petr Spacek wrote:
On 09/08/2012 05:03 PM, Dmitri Pal wrote:
On 09/07/2012 04:50 PM, Rob Crittenden wrote:
Michael Mercier wrote:
On 2012-09-07, at 2:47 PM, Dmitri Pal wrote:
On 09/07/2012 12:42 PM, Michael Mercier wrote:
On 2012-09-07, at 12:14 PM, Dmitri
On 2012-09-17, at 10:33 AM, Rob Crittenden wrote:
Michael Mercier wrote:
On 2012-09-08, at 11:08 AM, Dmitri Pal wrote:
On 08/31/2012 09:33 AM, Michael Mercier wrote:
Hello,
I seem to be having a problem with the HBAC test:
Versions:
[root@ipaserver ipatest]# rpm -qa|grep ^ipa
ipa
On 2012-09-17, at 11:27 AM, Dmitri Pal wrote:
On 09/17/2012 10:14 AM, Michael Mercier wrote:
On 2012-09-07, at 4:50 PM, Rob Crittenden wrote:
Michael Mercier wrote:
On 2012-09-07, at 2:47 PM, Dmitri Pal wrote:
On 09/07/2012 12:42 PM, Michael Mercier wrote:
On 2012-09-07, at 12:14 PM
On 2012-09-07, at 12:14 PM, Dmitri Pal wrote:
On 09/06/2012 10:40 AM, Michael Mercier wrote:
Hello,
I have experienced some odd connectivity issues using MMR with FreeIPA (all
systems CentOS 6.3). I have 2 ipa servers (ipaserver / ipaserver2) setup
using MMR.
[root@ipaserver ~]#ipa
On 2012-09-07, at 2:47 PM, Dmitri Pal wrote:
On 09/07/2012 12:42 PM, Michael Mercier wrote:
On 2012-09-07, at 12:14 PM, Dmitri Pal wrote:
On 09/06/2012 10:40 AM, Michael Mercier wrote:
Hello,
I have experienced some odd connectivity issues using MMR with FreeIPA
(all systems CentOS
Hello,
I have experienced some odd connectivity issues using MMR with FreeIPA (all
systems CentOS 6.3). I have 2 ipa servers (ipaserver / ipaserver2) setup using
MMR.
[root@ipaserver ~]#ipa-replica-manage list
ipaserver.mpls.local: master
ipaserver2.mpls.local: master
[root@ipaserver ~]# rpm
Hello,
I seem to be having a problem with the HBAC test:
Versions:
[root@ipaserver ipatest]# rpm -qa|grep ^ipa
ipa-server-2.2.0-16.el6.x86_64
ipa-pki-common-theme-9.0.3-7.el6.noarch
ipa-pki-ca-theme-9.0.3-7.el6.noarch
ipa-python-2.2.0-16.el6.x86_64
ipa-admintools-2.2.0-16.el6.x86_64
On 2012-08-22, at 4:12 PM, Rob Crittenden wrote:
Michael Mercier wrote:
Hello,
In Aug 2010, someone posted a message to this list about integrating
tacacs+ with freeipa
https://www.redhat.com/archives/freeipa-users/2010-August/msg00058.html
At the time, it was mentioned
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com
] on behalf of Michael Mercier [mmerc...@gmail.com]
Sent: Friday, 17 August 2012 1:14 p.m.
To: freeipa-users@redhat.com
Subject: [Freeipa-users] IPA over the Internet - Security
Hello,
I was wondering what the security implications would be setting up a
server to be a freeipa client at one site, and have it join a freeipa
system over the internet at another site.
ipaclient (siteA) -- internet -- ipaserver (siteB)
Is there an IPA document that describes this
Hello,
I have installed FreeIPA 3.0 beta 1 on Fedora 17, and added a Fedora 17 client.
I do not have anything under the Identity - DNS tab (i.e. no DNS zones)
I did the following when installing:
On the server:
[root@ipaserver ~]#ipa-server-install
-- oops forgot to include DNS
Hello,
I am attempting to install the IPA 3.x beta on Fedora 17 and running into some
difficulty.
I performed the following steps attempting the install (following setup
instructions for FreeIPA 2.2):
1. Download Fedora 17
2. Install Fedora 17 with VMWare
3. add hostname to /etc/hosts -
Hello,
On 2012-07-13, at 9:39 PM, Simo Sorce wrote:
Unfortunately slaving is not supported at the moment, but just out of
curiosity what is the ballpark number for many updates ?
Doing a quick check on the system, anywhere between 600 and 1000 record updates
per minute.
Thanks,
Mike
in the zone is large and
there are a many updates per day and I was uncertain of the type of
performance I could expect.
Thanks,
Mike
On 13-Jul-12, at 7:10 PM, Dmitri Pal wrote:
On 07/13/2012 07:04 PM, Michael Mercier wrote:
Hello,
I am by no means an expert either, but I believe what you
26 matches
Mail list logo