My kdc.crt has disappeared after a large number of problems with amn upgrade
from 7.3 to 7.4 on my SL7 box (roughly equivalent to Centos). It is a vanilla
installation with self-signed cerificates.
I am aware of the permission errors in 4.5.0, but what I really need to know
is what command to e
On to, 21 syys 2017, Niels Walet via FreeIPA-users wrote:
My kdc.crt has disappeared after a large number of problems with amn
upgrade from 7.3 to 7.4 on my SL7 box (roughly equivalent to Centos).
It is a vanilla installation with self-signed cerificates. I am aware
of the permission errors in
Thank you again for assisting. I did a little more digging myself and realized
something wrong about my /etc/pam.d/system-auth and /etc/pam.d/password-auth
files. The auth line for pam_sss.so had both use_first_pass and forward_pass.
It seems to me that these counter each other in some way. Once
I'd like to set up a new FreeIPA instance with DNS, and I'd like to
use a zone that already exists. My intention is to configure the ipa
server, then delete the existing DNS zone and point NS records for
that zone toward the ipa server.
ipa-server-install fails when the domain given by --domain a
That's embarrassing. I noticed --allow-zone-overlap right after I
sent that. I swear I looked for an option beforehand.
Sorry for the noise.
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-
Hey Eric,
To me looks like either the /etc/hosts file is wrongly configured/dns
server is not set to ipa or ipa ports are not open.
M.
On Wed, Sep 20, 2017 at 5:30 PM, Eric Scholwin via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Foolishly, I blew up my entire 4.4 on Centos 7
Hey Jake,
I recall having the same issue but don't remember the solution.
Check the logs maybe you'll find something.
Worst case you can always rejoin the ipa replicator and it will sync.
M.
On Tue, Sep 19, 2017 at 2:14 PM, Jake via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
Hey Ipa list!
Is there a way to disable 2FA for a particular host?
I'm using PAM auth there for a webservice that does not have kerberos and
it's annoying users to enter the 2FA every-time(so I want to make an
exception)
Thanks
--
Best regards
Maciej Drobniuch
Network Security Engineer
Collec