On 17.2.2013 20:05, Rajnesh Kumar Siwal wrote:
Please guide us about the LDAP user
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com.
Does it has a read only access or read-write access to the
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com ?
Because the file /etc/ldap.conf is readable by all
On 02/15/2013 07:23 PM, Chuck Lever wrote:
...
(I also note that ipa-client-install does not disable chronyd, but I've
only tried the client install script on Fedora 16).
Hello Chuck,
I would just like to comment that we address chronyd/ntpd in FreeIPA in Fedora
18. We do check if chronyd
On Mon, Feb 18, 2013 at 12:16:33AM -0500, Dmitri Pal wrote:
On 02/17/2013 03:55 PM, Jan-Frode Myklebust wrote:
On Sun, Feb 17, 2013 at 09:48:10PM +0100, Jan-Frode Myklebust wrote:
(Sun Feb 17 21:40:07 2013) [sssd[be[IPALDAP]]] [sdap_fill_memberships]
(7): member #2
Petr Spacek wrote:
On 17.2.2013 20:05, Rajnesh Kumar Siwal wrote:
Please guide us about the LDAP user
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com.
Does it has a read only access or read-write access to the
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com ?
Because the file /etc/ldap.conf
Hello all,
I am having an issue using IPA 2.2.0. I am trying to put together a
proof of concept set of systems. I've stood up 2 servers on AWS. One is the
server one is the client. I am using CentOS 6 to do all this testing on, with
the default IPA packages provided from
On Mon, 18 Feb 2013, Rob Crittenden wrote:
Petr Spacek wrote:
On 17.2.2013 20:05, Rajnesh Kumar Siwal wrote:
Please guide us about the LDAP user
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com.
Does it has a read only access or read-write access to the
Alexander Bokovoy wrote:
On Mon, 18 Feb 2013, Rob Crittenden wrote:
Petr Spacek wrote:
On 17.2.2013 20:05, Rajnesh Kumar Siwal wrote:
Please guide us about the LDAP user
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com.
Does it has a read only access or read-write access to the
Hello,
Named stopped on one of my IPA servers over the weekend, this was the last
message in the log file:
ldap_helper.c:627: fatal error:
RUNTIME_CHECK(((pthread_mutex_destroy(((ldap_conn-lock))) == 0) ? 0 : 34) ==
0) failed
exiting (due to fatal error in library)
Any ideas?
All other IPA
We have all our servers in two domains, example.com and lab.example.com.
But unfortunately it seems IPA (ipa-server-2.2.0-17.el6_3.1.x86_64)
populates the automatic host netgroups in the example.com domain both for
hostname1.example.com and hostname2.lab.example.com. I.e.:
Jan-Frode Myklebust wrote:
We have all our servers in two domains, example.com and lab.example.com.
But unfortunately it seems IPA (ipa-server-2.2.0-17.el6_3.1.x86_64)
populates the automatic host netgroups in the example.com domain both for
hostname1.example.com and hostname2.lab.example.com.
On Mon, Feb 18, 2013 at 01:33:08PM -0500, Rob Crittenden wrote:
nisDomainName is defined in the dc=example,dc=com entry.
Currently only one nis domain is supported. It is probably possible
to support multiple but it would require hacking on the nis schema
compat configuration.
Will it be
Jan-Frode Myklebust wrote:
On Mon, Feb 18, 2013 at 01:33:08PM -0500, Rob Crittenden wrote:
nisDomainName is defined in the dc=example,dc=com entry.
Currently only one nis domain is supported. It is probably possible
to support multiple but it would require hacking on the nis schema
compat
I am trying to ssh from Windows - IPA server using GSS-API. I've tried
putty, which provides very little debug out. I then downloaded securecrt which
provides more output.
On the server side, I just see postponed gss-with-mic and then a failure
message. I'm attaching the output from
More info - attached var/log/secure, and sshd_config.
Password authentication works, just gssapi fails. in the securecrt provided I
have disabled password auth as an option
{\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340
{\fonttbl\f0\fswiss\fcharset0 Helvetica;}
Hi John,
I ran into a similar issue with setting up a 2.2 client with a 3.1 server.
It turned out to be that port 80 wasn't open on the freeipa server.
I would check your ports and see if the right ones are open.
I also find that setting up the SRV and TXT records in your dns zone makes
setting
Hi,
My poor 2 ideas,
You could try web browsing to the IPA server to see if the cert is there (wild
guess).
~/ipa and see if there is a CA cert you can import.
Is the client pointing at the IPA server for its DNS?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria
On 02/18/2013 09:06 PM, John Moyer wrote:
Peter,
The client is pointing to DNS for the server. Here is the log info
from the ipa-client-log (in /var/log/). I haven't tried the other stuff
yet, I'll respond back when I get a chance to check out the CA cert things.
2013-02-19T02:01:37Z DEBUG
17 matches
Mail list logo