Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Steven Jones
edhat.com] Sent: Tuesday, 6 November 2012 12:55 p.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment On 11/05/2012 02:01 PM, Steven Jones wrote: > corner case? > > as in not very standard? > > In which case, yes I suppose so. AD is a

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Dmitri Pal
On 11/05/2012 01:34 PM, Steven Jones wrote: > nice (and nice it's in 6.4) > > :) > > I need to read up on trusts. > > However from limited experience in AD forests with trusts they get very > complex and the security can go bye bye. I've seen pen tests that come in > from a trusted domain, usin

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Dmitri Pal
On 11/05/2012 02:01 PM, Steven Jones wrote: > corner case? > > as in not very standard? > > In which case, yes I suppose so. AD is a very complex thing and you can > customise it, it seems. As a Linux person wandering into such a thing as a > non-standard AD and not knowing this it's a bit of a

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Dmitri Pal
On 11/05/2012 01:40 PM, William Muriithi wrote: > Rich, > >> In addition to other comments I want to step back and give a bit of a >> bigger picture. >> 1) Regardless of what approach you choose we recommend using the latest >> available version at the moment of deployment. > Good suggestion. This

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Rob Crittenden
Steven Jones wrote: "Also note that you asked if "Can I be able to synchronize the current AD user credentials with FreeIPA 2.2 or do I have to upgrade to FreeIPA 3.0" You cannot synchronize already existing passwords with IPA 2.x. You would have to force AD users to change their passwords in or

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Steven Jones
corner case? as in not very standard? In which case, yes I suppose so. AD is a very complex thing and you can customise it, it seems. As a Linux person wandering into such a thing as a non-standard AD and not knowing this it's a bit of a minefield. But of course you don't know you are in on

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Steven Jones
ty, Wellington, NZ 0064 4 463 6272 From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of William Muriithi [william.murii...@gmail.com] Sent: Tuesday, 6 November 2012 7:13 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users]

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread William Muriithi
Rich, > > In addition to other comments I want to step back and give a bit of a > bigger picture. > 1) Regardless of what approach you choose we recommend using the latest > available version at the moment of deployment. Good suggestion. This means I should use version 3. Problem that would have

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Steven Jones
nice (and nice it's in 6.4) :) I need to read up on trusts. However from limited experience in AD forests with trusts they get very complex and the security can go bye bye. I've seen pen tests that come in from a trusted domain, using an account with too many privileges a bad password in a

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread William Muriithi
when you do it until > after you are happy it's stable and OK. > Will use 6.3. Thank you again for the advice William > > ________ > From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on > behalf of William Muriithi [william.murii

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Steven Jones
"Also note that you asked if "Can I be able to synchronize the current AD user credentials with FreeIPA 2.2 or do I have to upgrade to FreeIPA 3.0" You cannot synchronize already existing passwords with IPA 2.x. You would have to force AD users to change their passwords in order to get the clear t

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Dmitri Pal
On 11/04/2012 02:23 PM, William Muriithi wrote: > Hi all, > > I am in the process of deploying freeIPA 2.2 to authenticate Linux > systems and have been able to set up everything nicely with separate > domain. I mean users are currently using separate password to access > Linux system and another s

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-05 Thread Rich Megginson
oun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of William Muriithi [william.murii...@gmail.com] Sent: Monday, 5 November 2012 8:23 a.m. To: freeipa-users@redhat.com Subject: [Freeipa-users] FreeIPA v 2.2 in an AD environment Hi all, I am in the process of deploying freeIPA 2.2 to authenticate L

Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

2012-11-04 Thread Steven Jones
lliam.murii...@gmail.com] Sent: Monday, 5 November 2012 8:23 a.m. To: freeipa-users@redhat.com Subject: [Freeipa-users] FreeIPA v 2.2 in an AD environment Hi all, I am in the process of deploying freeIPA 2.2 to authenticate Linux systems and have been able to set up everything nicely with separate d