On Tue, Mar 26, 2013 at 07:05:20PM -0400, Rob Crittenden wrote:
> David Redmond wrote:
> >Hi,
> >
> >I've setup FreeIPA for the first time and am using it successfully with
> >Linux and Solaris 10 clients. On 8 separate Solaris 9 clients I'm
> >running into an issue where 'kinit USER', for any user
The FreeIPA team is proud to announce bind-dyndb-ldap version 2.6.
It can be downloaded from https://fedorahosted.org/released/bind-dyndb-ldap/.
The new version has also been built for Fedora 18 and is on its way to
updates-testing:
https://admin.fedoraproject.org/updates/bind-dyndb-ldap-2.6-1
On 03/27/2013 02:11 AM, David Redmond wrote:
> Hi again,
>
> I've got a bit more information. I've found that I can successfully kinit on
> the Solaris 9 clients if, on the server, I change the user's password by:
>
> ipa-getkeytab -s SERVER -p USER@REALM -k krb5.keytab -P
>
> This works even if
On Wed, Mar 27, 2013 at 10:44:53AM +0100, Martin Kosek wrote:
> On 03/27/2013 02:11 AM, David Redmond wrote:
> > Hi again,
> >
> > I've got a bit more information. I've found that I can successfully kinit on
> > the Solaris 9 clients if, on the server, I change the user's password by:
> >
> > ipa
On 03/27/2013 11:36 AM, Sumit Bose wrote:
> On Wed, Mar 27, 2013 at 10:44:53AM +0100, Martin Kosek wrote:
>> On 03/27/2013 02:11 AM, David Redmond wrote:
>>> Hi again,
>>>
>>> I've got a bit more information. I've found that I can successfully kinit on
>>> the Solaris 9 clients if, on the server, I
On Wed, Mar 27, 2013 at 11:44:06AM +0100, Martin Kosek wrote:
> On 03/27/2013 11:36 AM, Sumit Bose wrote:
> > On Wed, Mar 27, 2013 at 10:44:53AM +0100, Martin Kosek wrote:
> >> On 03/27/2013 02:11 AM, David Redmond wrote:
> >>> Hi again,
> >>>
> >>> I've got a bit more information. I've found that
On Wed, 2013-03-27 at 12:23 +0100, Sumit Bose wrote:
> >
> > I did (as admin@REALM user). But we hardcode root/admin@REALM if
> this is
> > administrative change:
> >
> > ipapwd_chpwop():
> > ...
> > if (pwdata.changetype == IPA_CHANGETYPE_NORMAL) {
> > principal = slapi_entry_attr_ge
Hello,
I'm trying to point a Solaris 10 server to use IPA as it's "NIS Server".
The Solaris 10 server has no issues communicating with IPA but it can only see
a few maps (Users, Groups).
Looking at the documentation it says you can add entries so I tried to for
Hosts but I can't get ypcat hosts
On Wed, Mar 27, 2013 at 11:07:44AM -0400, Joseph, Matthew (EXP) wrote:
> Here is the entry that is in dse.ldif:
>
> Dn= nis-domain=domain.ca+nis-map=hosts.byname,CN=NIS
> Server,cn=plugin,cn=config
> objectClass: top
> objectClass: extensibleObject
> nis-map: hosts.byname
> nis=base: cn=computers
I run the ipa-getkeytab command as the user I'm changing the password for.
New info: On the server, in my /etc/krb5.conf file I have
"allow_weak_crypto = true". If I remove that from the file, changing the
password via ipa-getkeytab no longer works. The kinit command on the
Solaris client results
I didn't ask to run ipa-getkeytab,
can you do the following:
1. login to a linux client
2. change the user password as an admin
3. kinit as the user (and perform the password change as it will be
requested)
4. go to the solaris box and now try the kinit using the new password
Does step 4 work if
I've done 1,2,3 many times. 4 always fails.
I realize you didn't ask for the info about allow_weak_crypto. I included
it because it seems to me that it's a telling bit of info.
On Wed, Mar 27, 2013 at 9:50 AM, Simo Sorce wrote:
> I didn't ask to run ipa-getkeytab,
> can you do the following:
>
On Wed, 2013-03-27 at 09:56 -0700, David Redmond wrote:
> I've done 1,2,3 many times. 4 always fails.
>
> I realize you didn't ask for the info about allow_weak_crypto. I
> included it because it seems to me that it's a telling bit of info.
Ok can you run klist -e -kt file.keytab on the keytab yo
On Wed, Mar 27, 2013 at 01:42:58PM -0400, Joseph, Matthew (EXP) wrote:
> Hey Nalin,
>
> Sorry typo on my part. It does say nis-base.
Alright then. The next thing to check is if the directory entries the
plugin's finding have data that the plugin expects to use to create
entries in the NIS map.
Hey Nalin,
Sorry typo on my part. It does say nis-base.
-Original Message-
From: Nalin Dahyabhai [mailto:na...@redhat.com]
Sent: Wednesday, March 27, 2013 12:57 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] IPA - NIS Compatability
On We
15 matches
Mail list logo