On Thu, May 30, 2013 at 07:23:38PM -0400, Dmitri Pal wrote:
On 05/30/2013 06:52 PM, Chandan Kumar wrote:
Hello,
As part of migration from passwd/shadow to IPA, I want to roll out
IPA/SSSD based password first for a small number of users and then for
all. (same goes with host. first
On 05/31/2013 09:37 AM, Sumit Bose wrote:
On Fri, May 31, 2013 at 06:52:27AM +, Ondrej Valousek wrote:
Hi List,
I have a question - is it possible to use AD trust the way that:
1. All users are stored in AD
2. All Unix specific information (automount maps, sudo rules, HBAC rules)
are
Hi! I'm writing a web UI to front-end a ipa host-add . . . the web
ui runs as a special user who I would like to give credentials to allow
it to be able to run the ipa commands necessary . . . I thought I would
need to give it a host privilege, but I'm bumping up into the following:
ipa:
As far as my understanding goes it does not stop even if I disable cache
credentials. I set following parameters in sssd.conf but still UID 2 is
able to login.
cache_credentials = False
krb5_store_password_if_offline = False
min_id=5000
max_id=5010
enumerate = False
entry_cache_timeout=3
Guy Matz wrote:
Hi! I'm writing a web UI to front-end a ipa host-add . . . the web
ui runs as a special user who I would like to give credentials to allow
it to be able to run the ipa commands necessary . . . I thought I would
need to give it a host privilege, but I'm bumping up into the
Sorry, should have mentioned that. I had host principal and have since
added ldap:
# klist -k krb5.keytab
Keytab name: FILE:krb5.keytab
KVNO Principal
--
3 host/ipadevmstr.collmedia@collmedia.net
3
Guy Matz wrote:
Sorry, should have mentioned that. I had host principal and have since
added ldap:
# klist -k krb5.keytab
Keytab name: FILE:krb5.keytab
KVNO Principal
--
3
On 05/31/2013 08:39 AM, rashard.ke...@sita.aero wrote:
I am working on a team to plan a migration to IPA on our UNIX based
systems. One thing I was seeking information on is Computer groups. If
a trust is established with our campus AD infrasturcture, will its
computer groups be shared with