Re: [Freeipa-users] DNS denied for clients

2011-05-24 Thread Adam Tkac
Hello Steven, you need to set allow-query-cache ACL in your named.conf if you want to use your DNS server as recursive server for your clients. I'm not sure if setting of this option was changed recently, it seems it wasn't. Regards, Adam On 05/24/2011 01:09 AM, Steven Jones wrote: Hi,

Re: [Freeipa-users] DNS denied for clients

2011-05-24 Thread Simo Sorce
On Mon, 2011-05-23 at 23:09 +, Steven Jones wrote: Hi, Seems there is a change from 6.1 beta /earlier IPA to laterI now find that clients cant use dns as its deniedas attached screenshotis this setting in IPA itself? or named.conf? Are your clients in the same subnet or in

Re: [Freeipa-users] How is/to get IPA backed up?

2011-05-24 Thread Dmitri Pal
On 05/24/2011 09:14 AM, Dmitri Pal wrote: On 05/23/2011 11:02 PM, Steven Jones wrote: ie on FDS I think you can do an export to a flat file and then import itthat way the backup client can backup a flatfile and not attempt to do the database regards

Re: [Freeipa-users] IPA Startup issues

2011-05-24 Thread Steven Jones
Hi, My server is RHEL6.1 and has 2 x 3ghz Xeon CPUs and 4gb of ram, and does nothingand it wont start on boot. regards From: Christian Horn [ch...@fluxcoil.net] Sent: Tuesday, 24 May 2011 3:15 p.m. To: Sigbjorn Lie Cc: Steven Jones;

Re: [Freeipa-users] DNS denied for clients

2011-05-24 Thread Steven Jones
Hi, ive been expanding the POC, they used to be all on one. Ahthey are now on different subnetsthe DHCP subnet 53.xx, server subnet 81.xx and server management subnet 87.xx. regards From: Simo Sorce [s...@redhat.com] Sent: Wednesday, 25 May

Re: [Freeipa-users] How is/to get IPA backed up?

2011-05-24 Thread Steven Jones
But how is a backup guaranteed to be consistant? With the FDS I played with some years back I could dump out the db into a flat file which could then be backup... regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on

Re: [Freeipa-users] Server - client mismatch has no progressed to 6.1 - httpd logs

2011-05-24 Thread Steven Jones
Hi, So I cant get clients to connect tot he ipa server, bei it 5.6 or 6.1 Is there a solution to this? regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Steven Jones [steven.jo...@vuw.ac.nz] Sent: Tuesday,

Re: [Freeipa-users] How is/to get IPA backed up?

2011-05-24 Thread Rob Crittenden
Steven Jones wrote: But how is a backup guaranteed to be consistant? With the FDS I played with some years back I could dump out the db into a flat file which could then be backup... It depends on what this backup is for. If it is for catastrophic recovery then backing up the entire system

Re: [Freeipa-users] DNS denied for clients

2011-05-24 Thread Simo Sorce
On Tue, 2011-05-24 at 20:10 +, Steven Jones wrote: Hi, ive been expanding the POC, they used to be all on one. Ahthey are now on different subnetsthe DHCP subnet 53.xx, server subnet 81.xx and server management subnet 87.xx. Ok then you need to consult the bind manual an

Re: [Freeipa-users] DNS denied for clients

2011-05-24 Thread Steven Jones
Hi, yes Ive done thisproblem is when its integrated into IPA I didnt know if this was the right/approved way to do it. regards From: Simo Sorce [s...@redhat.com] Sent: Wednesday, 25 May 2011 8:54 a.m. To: Steven Jones Cc: freeipa-users@redhat.com

Re: [Freeipa-users] DNS denied for clients

2011-05-24 Thread Simo Sorce
On Tue, 2011-05-24 at 21:09 +, Steven Jones wrote: Hi, yes Ive done thisproblem is when its integrated into IPA I didnt know if this was the right/approved way to do it. IPA manages just the zones for now. Everything that goes in the main configuration section is handled through

Re: [Freeipa-users] Server - client mismatch has no progressed to 6.1 - httpd logs

2011-05-24 Thread Rob Crittenden
Steven Jones wrote: Logs. Sorry, had you set the level in the wrong file. Can you set LogLevel debug in /etc/httpd/conf.d/nss.conf, restart Apache and try again? rob From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 25 May 2011 8:51

Re: [Freeipa-users] Server - client mismatch has no progressed to 6.1 - httpd logs

2011-05-24 Thread Steven Jones
Is this done on the cleint or the server? regards From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 25 May 2011 3:33 p.m. To: Steven Jones Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Server - client mismatch has no progressed to 6.1

[Freeipa-users] kerberos to keberos inter-realm trusts

2011-05-24 Thread Steven Jones
Can IPA do this? regards ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users