[Freeipa-users] Re: Kerberos Utilities Integration

2018-07-17 Thread Ryan Slominski via FreeIPA-users
Hi Alexander and Robbie, Thanks for the responses. I'm not quite ready to start hacking IPA just yet as I'm still trying to get it setup and running. I'll try to re-create the weirdness with password expiration not sticking with kadmin.local and I'll post back if I'm able to reproduce that.

[Freeipa-users] How to change nsslapd-cachememsize

2018-07-17 Thread Kees Bakker via FreeIPA-users
Hi, This is about the infamous log message     WARNING: changelog: entry cache size 2097152B is less than db size 19701760B; We recommend to increase the entry cache size nsslapd-cachememsize. I've searched the Internet, including this mailing list, but I haven't found a sensible FreeIPA

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, Kees Bakker via FreeIPA-users wrote: Hi, This is about the infamous log message     WARNING: changelog: entry cache size 2097152B is less than db size 19701760B; We recommend to increase the entry cache size nsslapd-cachememsize. I've searched the Internet, including

[Freeipa-users] Replacing selfsigned cert with external signed CA

2018-07-17 Thread Jan Gardian via FreeIPA-users
Hello, Could you please recommend procedure to replace self signed IPA certificate with external signed CA? I found this https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/linux_domain_identity_authentication_and_policy_guide/index#manual-cert-renewal-ext

[Freeipa-users] AD group membership information not enumerated in the cn=compat tree?

2018-07-17 Thread Robert Sturrock via FreeIPA-users
Hello. We are using FreeIPA primarily to connect our Linux fleet efficiently to our organisational AD and it’s working well in that capacity. However, we are investigating a number of different enterprise NAS solutions to provide (kerberized) NFSv4 file services to this fleet. We were hoping

[Freeipa-users] Re: AD group membership information not enumerated in the cn=compat tree?

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, Robert Sturrock via FreeIPA-users wrote: Hello. We are using FreeIPA primarily to connect our Linux fleet efficiently to our organisational AD and it’s working well in that capacity. However, we are investigating a number of different enterprise NAS solutions to provide

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Ludwig Krispenz via FreeIPA-users
On 07/17/2018 01:15 PM, Alexander Bokovoy via FreeIPA-users wrote: On ti, 17 heinä 2018, Kees Bakker wrote: On 17-07-18 11:48, Alexander Bokovoy wrote: On ti, 17 heinä 2018, Kees Bakker wrote: To modify you'd rather use ipa-ldap-updater tool which manages automatically this for you when an

[Freeipa-users] Re: AD Integration

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, paul mitchell via FreeIPA-users wrote: We currently have a single AD (2016) domain, company.co.uk. The DNS zone file is managed by Active Directory, so all machines (Windows and Linux) are listed in the zone file. Windows users authenticate against AD and Linux users

[Freeipa-users] Re: AD group membership information not enumerated in the cn=compat tree?

2018-07-17 Thread Robert Sturrock via FreeIPA-users
Hi Alexander, >>I don’t see any ‘memberUid’ attributes, but would expect to see about 8 >>members. >Do you get those users from sssd? >E.g. 'getent group lcm-managedlinux@localdomain'? No, this returns an empty list: # getent group lcm-managedlinux@localdomain

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Kees Bakker via FreeIPA-users
On 17-07-18 13:15, Alexander Bokovoy wrote: > [...] > Could you please file a ticket with all these details? You mean at https://pagure.io/freeipa/issues ?

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, Ludwig Krispenz via FreeIPA-users wrote: 2018-07-17T09:55:10Z DEBUG nsslapd-cachememsize: 2018-07-17T09:55:10Z DEBUG 33554432 2018-07-17T09:55:10Z DEBUG [(0, u'nsslapd-cachememsize', ['33554432']), (1, u'nsslapd-cachememsize', ['2097152'])] Somehow it considered

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, Kees Bakker wrote: On 17-07-18 13:15, Alexander Bokovoy wrote: [...] Could you please file a ticket with all these details? You mean at https://pagure.io/freeipa/issues ? Yes. Thanks in advance. -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity

[Freeipa-users] AD Integration

2018-07-17 Thread paul mitchell via FreeIPA-users
We currently have a single AD (2016) domain, company.co.uk. The DNS zone file is managed by Active Directory, so all machines (Windows and Linux) are listed in the zone file. Windows users authenticate against AD and Linux users authenticate against a separate NIS server. We are considering

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, Kees Bakker wrote: On 17-07-18 11:48, Alexander Bokovoy wrote: On ti, 17 heinä 2018, Kees Bakker wrote: To modify you'd rather use ipa-ldap-updater tool which manages automatically this for you when an update file is provided. In addition, you have some substitution

[Freeipa-users] after promoting a clone as new renewal master, pki-tomcatd crashes with "Could not connect to LDAP", "Authentication failed (48)"

2018-07-17 Thread Karl Forner via FreeIPA-users
In the final step of upgrading my freeIPA servers to fedora26/freeIPA 4.4.4, I removed the current demoted the current renewal master, and promoted a CA (sif) as new renewal master, following instructions from <

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Kees Bakker via FreeIPA-users
On 17-07-18 10:56, Alexander Bokovoy wrote: > On ti, 17 heinä 2018, Kees Bakker via FreeIPA-users wrote: >> Hi, >> >> This is about the infamous log message >> >>     WARNING: changelog: entry cache size 2097152B is less than db size >> 19701760B; We recommend to increase the entry cache size >>

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Alexander Bokovoy via FreeIPA-users
On ti, 17 heinä 2018, Kees Bakker wrote: To modify you'd rather use ipa-ldap-updater tool which manages automatically this for you when an update file is provided. In addition, you have some substitution variables available too. These aren't needed for this specific case but it would be useful

[Freeipa-users] Re: Can I automatically add a new host in a location?

2018-07-17 Thread Peter Tselios via FreeIPA-users
Why? It's pretty much clear. You have multiple locations, multiple IPA servers and clients register to the appropriate IPA based on the DNS resolvers. Even in the link you attached, the client is assigned to a location (Prague/Paris). When you do in a cloud environment, obviously you want to

[Freeipa-users] Re: How to change nsslapd-cachememsize

2018-07-17 Thread Kees Bakker via FreeIPA-users
On 17-07-18 11:48, Alexander Bokovoy wrote: > On ti, 17 heinä 2018, Kees Bakker wrote: >>> To modify you'd rather use ipa-ldap-updater tool which manages >>> automatically this for you when an update file is provided. In addition, >>> you have some substitution variables available too. These