Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-07 Thread Sumit Bose
On Mon, Mar 07, 2016 at 09:58:20AM +0100, Natxo Asenjo wrote: > On Mon, Mar 7, 2016 at 9:14 AM, Martin Kosek wrote: > > > On 03/05/2016 06:00 AM, Rob Crittenden wrote: > > > Natxo Asenjo wrote: > > >> > > >> By the way, revoking the certificate does not block applications

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-07 Thread Natxo Asenjo
On Mon, Mar 7, 2016 at 9:14 AM, Martin Kosek wrote: > On 03/05/2016 06:00 AM, Rob Crittenden wrote: > > Natxo Asenjo wrote: > >> > >> By the way, revoking the certificate does not block applications using > >> it from ldap. > >> > >> I can still access the ldap server using

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-07 Thread Martin Kosek
On 03/05/2016 06:00 AM, Rob Crittenden wrote: > Natxo Asenjo wrote: >> >> By the way, revoking the certificate does not block applications using >> it from ldap. >> >> I can still access the ldap server using this cert/key pair *after* >> revoking the certificate using ipa cert-revoke . In order

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-06 Thread Martin Kosek
On 03/05/2016 12:08 AM, Natxo Asenjo wrote: > On Fri, Mar 4, 2016 at 11:00 PM, Simo Sorce wrote: > >> On Fri, 2016-03-04 at 14:34 -0500, Rob Crittenden wrote: >>> Natxo Asenjo wrote: >> when I go to http://www.freeipa.org/page/Special:OpenIDLogin to login with the

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Rob Crittenden
Natxo Asenjo wrote: > > By the way, revoking the certificate does not block applications using > it from ldap. > > I can still access the ldap server using this cert/key pair *after* > revoking the certificate using ipa cert-revoke . In order to > block it I need to remove the seeAlso value of

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Natxo Asenjo
By the way, revoking the certificate does not block applications using it from ldap. I can still access the ldap server using this cert/key pair *after* revoking the certificate using ipa cert-revoke . In order to block it I need to remove the seeAlso value of the user account, or the certificate

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Natxo Asenjo
On Fri, Mar 4, 2016 at 11:00 PM, Simo Sorce wrote: > On Fri, 2016-03-04 at 14:34 -0500, Rob Crittenden wrote: > > Natxo Asenjo wrote: > > > > when I go to http://www.freeipa.org/page/Special:OpenIDLogin to login > > > with the fedora account I get > > > > > > > > > OpenID

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Simo Sorce
On Fri, 2016-03-04 at 14:34 -0500, Rob Crittenden wrote: > Natxo Asenjo wrote: > > > > > > On Fri, Mar 4, 2016 at 4:58 PM, Natxo Asenjo > > wrote: > > > > > > > > On Fri, Mar 4, 2016 at 3:43 PM, Rob Crittenden

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Rob Crittenden
Natxo Asenjo wrote: > > > On Fri, Mar 4, 2016 at 4:58 PM, Natxo Asenjo > wrote: > > > > On Fri, Mar 4, 2016 at 3:43 PM, Rob Crittenden > wrote: > > Ah right. Because

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Natxo Asenjo
On Fri, Mar 4, 2016 at 4:58 PM, Natxo Asenjo wrote: > > > On Fri, Mar 4, 2016 at 3:43 PM, Rob Crittenden > wrote: > >> Ah right. Because all the subjects are the same base the same map will >> be used for both DS and the CA. >> >> Any chance you

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Natxo Asenjo
On Fri, Mar 4, 2016 at 3:43 PM, Rob Crittenden wrote: > Ah right. Because all the subjects are the same base the same map will > be used for both DS and the CA. > > Any chance you could write up a HOWTO on this? Gladly, but I seem unable to login using my recently created

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Rob Crittenden
Natxo Asenjo wrote: > Hi, > > > On Thu, Mar 3, 2016 at 10:57 PM, Rob Crittenden > wrote: > > Natxo Asenjo wrote: > > > > > Using EXTERNAL, no cookie: > > $ ldapsearch -h kdc.sub.domain.tld -ZZ -Y EXTERNAL -LLL > >

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-04 Thread Natxo Asenjo
Hi, On Thu, Mar 3, 2016 at 10:57 PM, Rob Crittenden wrote: > Natxo Asenjo wrote: > > > Using EXTERNAL, no cookie: > > $ ldapsearch -h kdc.sub.domain.tld -ZZ -Y EXTERNAL -LLL > > objectclass=person -s sub -b dc=sub,dc=domain,dc=tld cn > > SASL/EXTERNAL authentication

Re: [Freeipa-users] user certificate ldap EXTERNAL authentication

2016-03-03 Thread Rob Crittenden
Natxo Asenjo wrote: > hi, > > I am testing certificate authentication to ipa ldap ( centos 7.2 ). > > I have generated a user certificate following the instructions on > https://blog-ftweedal.rhcloud.com/2015/08/user-certificates-and-custom-profiles-with-freeipa-4-2/ > > After that I modified