Alfred Victor via FreeIPA-users wrote:
>
> From:
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/migrating_from_a_directory_server_to_ipa
>
> *"Users cannot authenticate to the IdM domain or access IdM
Robert Kudyba wrote:
>
> > Now any idea why the original '$gecos' inserts the actual string
> $gecos
> > into FreeIPA/LDAP?
>
> It's a shell issue, single quotes prevents any argument expansion, use
> double quotes.
>
>
> Sure but using just double quotes $gecos is still
Hi Rob and IPA list -
The alternative is if it is possible to use the sssd method similar to as
described in 39.1.2.3 at the below link to update credentials at IPA as
well when a user resets their password, but I expect that if this is
possible to do with both systems in parallel (OpenLDAP
On Thu, Feb 4, 2021 at 11:47 AM Rob Crittenden wrote:
> Robert Kudyba wrote:
> >
> > > Now any idea why the original '$gecos' inserts the actual string
> > $gecos
> > > into FreeIPA/LDAP?
> >
> > It's a shell issue, single quotes prevents any argument expansion,
> use
> >
>
>
> > Now any idea why the original '$gecos' inserts the actual string $gecos
> > into FreeIPA/LDAP?
>
> It's a shell issue, single quotes prevents any argument expansion, use
> double quotes.
>
Sure but using just double quotes $gecos is still added to the FreeIPA
record. I can at least
From:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/migrating_from_a_directory_server_to_ipa
*"Users cannot authenticate to the IdM domain or access IdM resources until
they have Kerberos hashes."*
To be sure I
Hi,
Robert Kudyba via FreeIPA-users
writes:
> Yes and I found a fix. All that is needed is to surround the echo command
> with double quotes at the top of the script where username is set:
> username="$(echo $line | cut -f1 -d:)"
For some of these errors using shellcheck might help. Not
Alfred Victor via FreeIPA-users wrote:
> Hi Rob and IPA list -
>
> The alternative is if it is possible to use the sssd method similar to
> as described in 39.1.2.3 at the below link to update credentials at IPA
> as well when a user resets their password, but I expect that if this is
> possible
At work, I manage a small lab that is used by my team (< 10 people).
All lab users are currently managed in the lab FreeIPA, but we all use
it extensively, so creating separate credentials for the lab isn't
overly burdensome.
We're now expanding the lab, and the number of users who may need
(besides add the passSyncManagersDNs attribute of course!)
Andy
On Thu, Feb 4, 2021 at 1:13 PM Alfred Victor wrote:
>
> From:
>
Ian Pilcher via FreeIPA-users wrote:
> At work, I manage a small lab that is used by my team (< 10 people).
> All lab users are currently managed in the lab FreeIPA, but we all use
> it extensively, so creating separate credentials for the lab isn't
> overly burdensome.
>
> We're now expanding
11 matches
Mail list logo