Re: [Freeipa-users] OS X Yosemite unable to authenticate

event replication from clouding the log events thanks, everyone Cal Sawyer | Systems Engineer | BlueBolt Ltd 15-16 Margaret Street | London W1W 8RW +44 (0)20 7637 5575 |www.blue-bolt.com On 21/12/15 07:57, Nicola Canepa wrote: Hello, I tried 2 weeks ago from Mavericks (OSX 10.9), but I had the oppo

Re: [Freeipa-users] OS X Yosemite unable to authenticate

rgaret Street | London W1W 8RW +44 (0)20 7637 5575 | www.blue-bolt.com <http://www.blue-bolt.com> -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the pro

Re: [Freeipa-users] Service Accounts via IPA

my options to set this up as a default for service accounts, or how can I modify individual accounts that need access to a system, but should not be able to login to the system. Any help is appreciated. -- Nicola Canepa Tel: +39-0522-399-3474 canep...@mmfg.it --- Il contenuto della

Re: [Freeipa-users] FreeIPA and DHCP

ll have to configure another LDAP server, and to find a management GUI. Nicola Il 19/10/15 00:35, Fraser Tweedale ha scritto: On Fri, Oct 16, 2015 at 03:01:19PM +0200, Nicola Canepa wrote: Hello. Is there a suggested way to have DHCP IP/MAC associations managed through the IPA web interface?

[Freeipa-users] FreeIPA and DHCP

Hello. Is there a suggested way to have DHCP IP/MAC associations managed through the IPA web interface? Thank you for any pointer. Nicola -- Nicola Canepa Tel: +39-0522-399-3474 canep...@mmfg.it --- Il contenuto della presente comunicazione è riservato e destinato esclusivamente ai

[Freeipa-users] ACI for full replica

d field. Which ACI/Role/Group should I use for this purpose? Thank you for any hint: I did not find such information inside the documentation. Nicola -- Nicola Canepa Tel: +39-0522-399-3474 canep...@mmfg.it --- Il contenuto della presente comunicazione è riservato e destinato esclusivamente

Re: [Freeipa-users] Problem with replica

/newticket Ludwig On 09/24/2015 09:08 AM, Nicola Canepa wrote: Hello, I'm trying to setup a partial replica of the LDAP tree stored in 389-ds by FreeIPA 4.1 (under CentOS 7), so that legacy systems have a local copy of the data needed to authenticate. Those systems have already OpenLDAP installed,

[Freeipa-users] Problem with replica

odify replace:olcSyncrepl olcSyncrepl: rid=0001 provider=ldap://AAA.TLD type=refreshOnly interval=00:1:00:00 retry="5 5 300 +" searchbase="YYY" attrs="*,+" bindmethod=simple binddn="uid=XXX,cn=users,cn=accounts,dc=YYY" credentials=ZZZ

[Freeipa-users] Partial replica

give to me. Nicola -- Nicola Canepa canep...@mmfg.it --- Il contenuto della presente comunicazione è riservato e destinato esclusivamente ai destinatari indicati. Nel caso in cui sia ricevuto da persona diversa dal destinatario sono proibite la diffusione, la distribuzione e la copia. Nel

Re: [Freeipa-users] Rename or not to rename (packages only)? freeipa-server -> ipa-server?

- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project -- Nicola Canepa Tel: +39-0522-399-3474 canep...@mmfg.it --- Il contenuto della presente comunicazione è riservat

Re: [Freeipa-users] Problem in CLI after upgrade to 4.1.0

t;$tempfile" >>/var/log/ipaupgrade.log 2>&1 fi rm -f "$tempfile" And also the ipa commands work correctly. Nicola Il 16 Luglio 2015 14:01:47 CEST, Nicola Canepa ha scritto: >I upgraded from freeipa 4.0 to ipa-4.1.0 >Users continue to be authenticated, and web GU

[Freeipa-users] Problem in CLI after upgrade to 4.1.0

/json': (SEC_ERROR_LEGACY_DATABASE) The certificate/key database is in an old, unsupported format. Nicola -- Nicola Canepa Tel: +39-0522-399-3474 canep...@mmfg.it --- Il contenuto della presente comunicazione è riservato e destinato esclusivamente ai destinatari indicati. Nel caso in cui sia ricevuto

Re: [Freeipa-users] Migrating from custom auth system

just supplied password). Nicola Il 09/07/15 15:20, Alexander Bokovoy ha scritto: On Thu, 09 Jul 2015, Nicola Canepa wrote: Thank you Alexander. If the previous password is not used, I could set an impossible-hash password (such as "{crypt}*") and let users login authenticating trhough

Re: [Freeipa-users] Migrating from custom auth system

I'll test both ways. Nicola Il 09/07/15 14:44, Alexander Bokovoy ha scritto: On Thu, 09 Jul 2015, Nicola Canepa wrote: OK, I'm sorry for the little information provided: I can't do migrate-ds, since I'm not coming from a "DS" (which can only be another LDAP server, I

Re: [Freeipa-users] Migrating from custom auth system

logging in and updating passwords. SSSD knows about migration mode and has support for it. On Thu, 09 Jul 2015, Nicola Canepa wrote: I don't understand the question: aren't users created by IPA command line the same as if they are created via the web GUI? Nicola Il 09/07/15 13:05, Jan

Re: [Freeipa-users] Migrating from custom auth system

I don't understand the question: aren't users created by IPA command line the same as if they are created via the web GUI? Nicola Il 09/07/15 13:05, Jan Pazdziora ha scritto: On Thu, Jul 09, 2015 at 11:33:23AM +0200, Nicola Canepa wrote: Hello. I was trying Freeipa as an addition

[Freeipa-users] Migrating from custom auth system

Hello. I was trying Freeipa as an addition and (maybe) future replacement for the current SSO solution (custom and only for web apps). I was able to authenticate (via pam_exec) LDAP users on the legacy system. My problem is with Kerberos and FreeIPA web GUI, which don't accept LDAP users not cr