[Freeipa-users] Centos7.4: users not seeing password expired notifications

2017-12-21 Thread Johan Vermeulen via FreeIPA-users
Hello All, We run some 200 Centos7/Mate laptops, since last year they authenticate against freeipa. Lightdm/Mate are installed using epel repo. On Centos7.3/Lightdm 1.10.6-4.el7 things were al right, when a password expired, users would get the passwd expired field, the "new password" field en

[Freeipa-users] Re: Centos7.4: users not seeing password expired notifications

2017-12-21 Thread Stephen Berg (Contractor, Code 7320) via FreeIPA-users
On 12/21/2017 02:39 AM, Johan Vermeulen via FreeIPA-users wrote: Hello All, We run some 200 Centos7/Mate laptops, since last year they authenticate against freeipa. Lightdm/Mate are installed using epel repo. On Centos7.3/Lightdm 1.10.6-4.el7 things were al right, when a password expired,

[Freeipa-users] Re: Centos7.4: users not seeing password expired notifications

2017-12-21 Thread Jakub Hrozek via FreeIPA-users
This sounds like a bug, could you follow https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html, gather logs from the pam and domain sections and post them here? If the password is expired, then pam_sss should send a message to the login manager which the login manager should display.

[Freeipa-users] ipa-replica-manage DNS backend issues?

2017-12-21 Thread Jonathan Kelley via FreeIPA-users
Hi, Running IPA-server 4.5.0-21 I lost 2/3 IPA servers from power failure, replication didn't recover. I want to drop the replicas and add new ones, but can't see a list of replicas. It's giving me SERVFAIL for google DNS which seems unlikely. Anyone know of a trick forward to recovery?

[Freeipa-users] Re: api scripts

2017-12-21 Thread Jens Timmerman via FreeIPA-users
Hi Andrew, On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote: > Does anyone have any examples or could share what they have written? > > I am trying to write a script and not sure what components I need.  I've been working on a python client for a bit. It will probably be made public when

[Freeipa-users] debian 8 freeipa-client

2017-12-21 Thread Andrew Radygin via FreeIPA-users
Hello! I have freeipa server 4.5 on Centos 7. And want to enroll host on Debian 8 to domain. I've found freeipa-client 4.4 in the sid repo, installing of it was almost successful... apt-get cannot complete configuring for certmonger, and I've got following error: == # journalctl -u

[Freeipa-users] Re: api scripts

2017-12-21 Thread Andrew Meyer via FreeIPA-users
Thank you On Thursday, December 21, 2017 4:31 AM, Jens Timmerman via FreeIPA-users wrote: Hi Andrew, On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote: > Does anyone have any examples or could share what they have written? > > I am trying

[Freeipa-users] Re: api scripts

2017-12-21 Thread Aaron Hicks via FreeIPA-users
Hi Andrew and Jens, I’ve been using python-freeipa https://github.com/opennode/python-freeipa https://pypi.python.org/pypi/python-freeipa/0.1.2 So… from python_freeipa import Client from configuration import config, args # a thing that processes args and configparser config

[Freeipa-users] Re: api scripts

2017-12-21 Thread Andrew Meyer via FreeIPA-users
Does this script prompt you to enter the data needed or do I need to hard code it? On Thursday, December 21, 2017 10:50 AM, Andrew Meyer via FreeIPA-users wrote: Thank you On Thursday, December 21, 2017 4:31 AM, Jens Timmerman via