I added Replication timeout in /usr/share/dirsrv/data/template-dse.ldif on
replica before ipa-replica-install which took care of time consumed for
large data getting replicated.
https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/setting-replication-
It is never synced across masters, Check this on all servers.
ipa user-show --all --raw | grep krbLastSuccessfulAuth
On Fri, Aug 16, 2019 at 3:12 PM Boyd Ako via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Is there any way to check when a user has last logged into any of th
Hello
A bugzilla for the same is already open
https://bugzilla.redhat.com/show_bug.cgi?id=1392858
From the current information, It will be released in RHEL 7.5
Regards
Arpit Tolani
On Mon, May 22, 2017 at 8:32 PM, Jason Hensley wrote:
> Is anyone running FreeIPA 4.5.0+ successfully on Rhel7/C
Hello
>
> You mean 7.4, right? (I hope so as I an waiting for some patched to come into
> RHEL 7)
Yes, 7.4.. Sorry for the typo..
--
Thanks & Regards
Arpit Tolani
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe s
Hello
I think striker is talking about DNS Management GUI.
Using bind with bind-dyndb-ldap & storing it on OpenLDAP is just
backend, If we can have a way to manage that setup using WebUI similar
to IPA, It will be really great.
Regards
Arpit Tolani
On Sat, Jun 3, 2017 at 6:22 AM, Brendan Kearne
Hello
> Can you help to shed more lights on how to configure the SRV records for
> auto discovery?
>
When ipa-server is setup with embedded DNS (using --setup-dns ) SRV
records are automatically added in IPA.
If its external DNS server, You need to add records something like
this in your DNS ser
Hello
IPA can sign certificate requests with subjectAltName (SAN)
extensions. Use the 'ipa-getcert' command to resubmit the LDAP SSL
certificate request(s), adding the '-D' option to specify the DNSNAME
value for each of the VIPs:
First, on each IPA server, run 'ipa-getcert list' to find the
BTW Now I think of it, why are you using Load balancert, Let SRV
records take care of your IPA load balancing, Configure your clients
to auto-discover IPA server using SRV records.
Regards
Arpit Tolani
On Mon, Jun 12, 2017 at 4:14 PM, Arpit Tolani wrote:
> Hello
>
> IPA can sign certificate req
Hello
Try to run below commands on your IPA client & point resolv.conf to
IPA server & IPA client
# dig srv _ldap._tcp.dataservice.net
# dig srv _kerberos._tcp.dataservice.net
# dig srv _kpasswd._tcp.dataservice.net
If they return your IPA servers, It can automatically figure out your
IPA serve
Hello
I am sorry, I am not sure but if your client hostname is within
correct domain, I think you dont need to give domain & realm.
like your IPA domain & realm is dataservice.net & your client hostname
is system2.dataservice.net, I think it will take it automatically,
Someone else can confirm.
10 matches
Mail list logo
