Can I use FreeIPA as Kerberos and LDAP provider (not as IPA) and still use
policies somehow?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Hello,
i have an freeipa server running and 10 clients. Every client is an copy
from a pc. And everybody works just perfectly except the original pc where
i tested and installed the system at the beginning. I allready copyed the
system over with the one that i used on every client around here, but
Reaching out one more time to see if anyone has any suggestions on my
missing CSN problem. Thank you!!
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
On (11/09/17 07:42), Igor Sever via FreeIPA-users wrote:
>Can I use FreeIPA as Kerberos and LDAP provider (not as IPA) and still use
>policies somehow?
Yes you can, but sssd-1.11.5.1 was quite broken and contained many bugs.
1.11.8 should be much better but from sssd upstream POV 1.13 is long ter
Hi All,
Somewhere after an update (I guess) I have issues;
pki-tomcatd@pki-tomcat.service will not start since it cannot
login to LDAP. It seems I have some certificate isues:
getcert list shows:
Request ID '20170129002017':
st
Winfried de Heiden via FreeIPA-users wrote:
> Hi All,
>
> Somewhere after an update (I guess) I have issues;
> pki-tomcatd@pki-tomcat.service will not start since it cannot login to
> LDAP. It seems I have some certificate isues:
>
> getcert list shows:
>
> Request ID '20170129002017':
> sta
would be nice to include the problem description again, but if you are
referring to:
[26/Aug/2017:21:39:32.891818412 +] NSMMReplicationPlugin - changelog
program - agmt="cn=meTo**.com" (**:389): CSN
597276fb0005000a not found, we aren't as up to date, or we purged
[26/Aug/2017:
CS.cfg was modified so pki-tomcat can login
using a password and non-secure LDAP. At least it is working
now:
< internaldb.ldapauth.authtype=BasicAuth
< internaldb.ldapauth.bindDN=cn=Directory Manager
---
> internaldb.ldapauth.authtype=Ssl
On 09/11/2017 04:53 PM, Winfried de Heiden via FreeIPA-users wrote:
CS.cfg was modified so pki-tomcat can login using a password and
non-secure LDAP. At least it is working now:
< internaldb.ldapauth.authtype=BasicAuth
< internaldb.ldapauth.bindDN=cn=Directory Manager
---
> internaldb.ldap
Hi,
We have an "interesting" set up here and ultimately it means that some of our
users are on a network that can't access the domain that the IPA servers are on
so can't reset their passwords. However, they do have access to a domain that
we can proxy requests through to get to IPA.
Through
Hello,
I have two questions:
1. How can the default DNS grants be restored, or fixed, without
knowing what they were?
2. Where can I get information about grants? I can't seem to find where
they're documented.
I was trying to get DDNS updates to work from DHCP server, and the
documentati
Greetings!
Password changes will use Kerberos port 464. Is Nginx forwarding port 464
to whatever domain controllers are managing the users who want to change their
password?
--David Alston
From: doug.kelly--- via FreeIPA-users
[mailto:freeipa-users@lists.fedorahosted.org]
Sent: Monday,
None via FreeIPA-users wrote:
> Hello,
>
> I have two questions:
>
> 1. How can the default DNS grants be restored, or fixed, without
>knowing what they were?
> 2. Where can I get information about grants? I can't seem to find where
>they're documented.
>
> I was trying to get DDNS updat
Rob Foehl via FreeIPA-users wrote:
> Noting that it's now possible to modify the CA certificate subject name
> at install time in 4.5 and 4.6, is there any provision for doing so
> after an upgrade to one of those releases with a cert that originated in
> a 4.4 instance? Possibly involving renewal
Trying to create a replica server with ipa-replica-install, but it breaks
during installation while restarting the directory service saying that LDAP
service not found. But I can see LDAP server is running.
I have created around 3 replicas using the same procedure about 4 months ago,
but now it
Unfortunately, I cannot upgrade systems and packages as I want because of
legacy applications.
Is there somewhere information how would I approach to configure SSSD to use
FreeIPA as Kerberos and LDAP provider and for policies to work? I can only find
where access is enforced with LDAP filter in
On ti, 12 syys 2017, Igor Sever via FreeIPA-users wrote:
Unfortunately, I cannot upgrade systems and packages as I want because of
legacy applications.
Is there somewhere information how would I approach to configure SSSD
to use FreeIPA as Kerberos and LDAP provider and for policies to work?
I c
17 matches
Mail list logo