Hi,
we use an Active Directory (Server 2012) and a FreeIPA 4.5.4
installation. FreeIPA runs under Centos 7, sssd version is
sssd-1.16.0-19.el7.x86_64. Between AD and FreeIPA we have set up a
one-way trust. For some AD users, we have set up a uid override under
"Default Trust View" in FreeIPA.
On ke, 04 heinä 2018, lune voo via FreeIPA-users wrote:
I will try to reproduce the problem interactively in python.
I meant in shell, to rule out any issues outside your python code.
Lune
Le mer. 4 juil. 2018 à 07:20, Alexander Bokovoy a
écrit :
On ke, 04 heinä 2018, lune voo wrote:
Hi,
On a test FreeIPA environment (4.5.0-22), a user is shown using the id
command, so ID Override is working as well.
id x...@accmsnet.railb.be
uid=8028(x...@accmsnet.railb.be) gid=4030(ucc)
groups=4030(ucc),702800513(domain us...@accmsnet.railb.be
),131849(ad_users)
However this particular
Hello Alexander.
Thanks for the answer.
Otp stands for one time password.
In fact in order to set a password for a user, I do first a ipa passwd
using ipa python library.
The otp is good normally.
And the kpasswd password should be good also except if ipa kdc dont like
some special characters
I have currently been assisting an AIX colleague to use IPA as
authentication/authz provider for AIX systems.
That way we are moving to a common platform
We have found some examples on the web (AIX 5.x, AIX 6); information here
and there - but for the moment we still have a few issues.
The
On ke, 04 heinä 2018, Pieter Baele via FreeIPA-users wrote:
Hi,
On a test FreeIPA environment (4.5.0-22), a user is shown using the id
command, so ID Override is working as well.
id x...@accmsnet.railb.be
uid=8028(x...@accmsnet.railb.be) gid=4030(ucc)
groups=4030(ucc),702800513(domain
On ke, 04 heinä 2018, lune voo wrote:
Hello Alexander.
Thanks for the answer.
Otp stands for one time password.
In fact in order to set a password for a user, I do first a ipa passwd
using ipa python library.
So, your code is equivalent to
kinit admin
ipa passwd test-user
kpasswd test-user
I will try to reproduce the problem interactively in python.
Lune
Le mer. 4 juil. 2018 à 07:20, Alexander Bokovoy a
écrit :
> On ke, 04 heinä 2018, lune voo wrote:
> >Hello Alexander.
> >
> >Thanks for the answer.
> >
> >Otp stands for one time password.
> >
> >In fact in order to set a
On ti, 03 heinä 2018, Michael Gusek via FreeIPA-users wrote:
Hi Alexander,
its SSSD, we check it with id -u u...@example.com.
Then you need to gather logs from SSSD on IPA master.
Basically, add
debug_level = 9
in domain and nss sections to /etc/sssd/sssd.conf and restart sssd.
Logs will be
Somehow, the admin account is permanently locked
just a simple reproduction
sh-4.2# kinit admin
kinit: Client's credentials have been revoked while getting initial credentials
sh-4.2# kdestroy -A
sh-4.2# kinit
Password for @bla-bla
sh-4.2# ipa user-unlock admin
Ok, i've activated logging for all sections, i'm missed section nss. I
will upload log files next time if i run in trouble.
Michael
Am 03.07.2018 um 15:49 schrieb Alexander Bokovoy:
> On ti, 03 heinä 2018, Michael Gusek via FreeIPA-users wrote:
>> Hi Alexander,
>>
>> its SSSD, we check it with
On ti, 03 heinä 2018, skrawczenko--- via FreeIPA-users wrote:
Somehow, the admin account is permanently locked
just a simple reproduction
sh-4.2# kinit admin
kinit: Client's credentials have been revoked while getting initial credentials
sh-4.2# kdestroy -A
sh-4.2# kinit
Password for
Hi Alexander,
its SSSD, we check it with id -u u...@example.com.
Michael
Am 03.07.2018 um 14:57 schrieb Alexander Bokovoy via FreeIPA-users:
> On ti, 03 heinä 2018, Michael Gusek via FreeIPA-users wrote:
>> Hi,
>>
>> we use an Active Directory (Server 2012) and a FreeIPA 4.5.4
>> installation.
On ti, 03 heinä 2018, Michael Gusek via FreeIPA-users wrote:
Ok, i've activated logging for all sections, i'm missed section nss. I
will upload log files next time if i run in trouble.
Please don't post it public as it would contain quite a number of
details about your deployment.
--
/
Hello !
I contact you because I encounter a problem when I use kpasswd using python
popen function.
I use freeipa 3.0 and python 2.6.6.
Here is what I do in python :
input_process = otp + '\n' + password + '\n' + password
cmd = 'kpasswd %s' % user_login
cmd_and_args = shlex.split(cmd)
p =
On ti, 03 heinä 2018, lune voo via FreeIPA-users wrote:
Hello !
I contact you because I encounter a problem when I use kpasswd using python
popen function.
I use freeipa 3.0 and python 2.6.6.
Here is what I do in python :
input_process = otp + '\n' + password + '\n' + password
Here you
16 matches
Mail list logo