Since taking over our FreeIPA environment I've been unable to create a new CA
replica. A bunch of failed attempts and upgrades over the last year and I keep
running in to issues. After my latest attempt I noticed something that I had
not seen before (likely a result of an recent upgrade) and
Hi all,
I have set up trust between FreeIPA and AD. Users from AD domain can
successfully log into the linux boxes when I have allow_all rule enabled.
However, when I try to achieve something more fancy, like assigning set of
users to a custom group (firstly external, then the posix one) or mak
Pieter Baele via FreeIPA-users wrote:
> No, only "fresh" and updated RHEL 7.3 hosts.
Ok, you were the one that brought up re-installing...
> Connections are being made, but still ipa-client install.
> Can't wait forever on a solution of RH Support, they have/had no clue at
> all, so I'll reinsta
wenxing zheng via FreeIPA-users wrote:
> Dear all,
>
> I met with an issue when doing the LDAP authentication on the Kylin. My
> FreeIPA works with Ranger very well, but on Kylin, when binding the DN
> with the admin, it failed to connect to the LDAP server:
>
> [05/Jul/2017:11:16:32 +0800] ipalo
On Wed, Jul 5, 2017 at 7:28 PM Rob Crittenden wrote:
> Pieter Baele via FreeIPA-users wrote:
> > No, only "fresh" and updated RHEL 7.3 hosts.
>
> Ok, you were the one that brought up re-installing...
>
> > Connections are being made, but still ipa-client install.
> > Can't wait forever on a solut
All the problems are solved.
Thanks for all :)
On Tue, Jun 27, 2017 at 1:11 PM Ataliba Teixeira wrote:
> Hello Rob,
>
> The strange thing i have here is. The server2 has all of my servers listed
> on the web interface but the server1 not have all of this servers.
>
> When i run the command :
>
Bart,
Which versions of SSSD and FreeIPA are you using?
cheers
L.
--
"Mission Statement: To provide hope and inspiration for collective action,
to build collective power, to achieve collective transformation, rooted in
grief and rage but pointed towards vision and dreams."
- Patrisse Cullo
Bart,
Which versions of SSSD and FreeIPA are you using?
cheers
L.
--
"Mission Statement: To provide hope and inspiration for collective action,
to build collective power, to achieve collective transformation, rooted in
grief and rage but pointed towards vision and dreams."
- Patrisse Cullo
Thanks to Rob.
We finally got the root cause, it's a bug in the application. Our LDAP URL
or DN is too long which triggered a bug in the JDK Properties. Java
Properties doesn't allow the value to be longer than 47, and if the length
is longer than 47, it will truncate the value and append the "...
Hi All,
We have IPA running in a one-way trust with our AD and it’s working well.
However, there are a number of users who belong to an affiliated institution
who are nonetheless present in our AD, but with a different UPN suffix to the
trust domains. The particulars are:
IPA realm: IPA.LO
On to, 06 heinä 2017, Robert Sturrock via FreeIPA-users wrote:
Hi All,
We have IPA running in a one-way trust with our AD and it’s working well.
However, there are a number of users who belong to an affiliated institution
who are nonetheless present in our AD, but with a different UPN suffix
11 matches
Mail list logo