[Freeipa-users] sudo rule applied to a host group

2013-08-13 Thread Alexandre Ellert
Hi, I'm trying to get working a sudo rule for a group of user, basically if want to allow all the developers (dev-users) to become root on developers servers (dev-servers). When this rule is applied to a single host or all hosts or severals named host, it works fine : dev-users can sudo

[Freeipa-users] ldap connection over tcp/ip

2013-08-13 Thread Mindaugas Deveikis
Hi We try to do a very simple situation. Our ldap server is on different machine than IPA server. So we try to use tcp/ip connection. All that we do is just edit default.conf file on IPA server and change ldap_uri line value from socket to IP address. But after that change, an error

Re: [Freeipa-users] ldap connection over tcp/ip

2013-08-13 Thread Rob Crittenden
Mindaugas Deveikis wrote: Hi We try to do a very simple situation. Our ldap server is on different machine than IPA server. So we try to use tcp/ip connection. All that we do is just edit default.conf file on IPA server and change ldap_uri line value from socket to IP address. But after

Re: [Freeipa-users] sudo rule applied to a host group

2013-08-13 Thread Rob Crittenden
Alexandre Ellert wrote: Hi, I'm trying to get working a sudo rule for a group of user, basically if want to allow all the developers (dev-users) to become root on developers servers (dev-servers). When this rule is applied to a single host or all hosts or severals named host, it works fine :

Re: [Freeipa-users] sudo rule applied to a host group

2013-08-13 Thread Alexandre Ellert
Thank you so much Rob ! It works juste fine :) Alexandre Le 13 août 2013 à 14:42, Rob Crittenden rcrit...@redhat.com a écrit : Alexandre Ellert wrote: Hi, I'm trying to get working a sudo rule for a group of user, basically if want to allow all the developers (dev-users) to become root

[Freeipa-users] Upgrade failed -- how to recover?

2013-08-13 Thread Bret Wortman
I just upgraded my IPA master from F17 to F18 and, in the process, updated IPA to 3.1.5-1. Apparently, though, all is not well, because there are a number of errors in /var/log/ipaupgrade.loghttp://bl-1.com/click/load/BzZcbVU2VmpTOwFsCD4-b0231, mostly related to things like (samples here; the

Re: [Freeipa-users] Upgrade failed -- how to recover?

2013-08-13 Thread Bret Wortman
I tried this, but no joy: # /usr/sbin/ipa-upgradeconfig --debug : : DEBUG: caSignedLogCert.cfghttp://bl-1.com/click/load/VWRaa1w-b0221U28CYQNlAT4-b0231profile validity range is 720 INFO: [Certificate renewal should stop the CA] ERROR: Unable to find certmonger request ID for auditSigning Cert

Re: [Freeipa-users] Upgrade failed -- how to recover?

2013-08-13 Thread Rob Crittenden
Bret Wortman wrote: I tried this, but no joy: # /usr/sbin/ipa-upgradeconfig --debug : : DEBUG: caSignedLogCert.cfg http://bl-1.com/click/load/VWRaa1w-b0221U28CYQNlAT4-b0231 profile validity range is 720 INFO: [Certificate renewal should stop the CA] ERROR: Unable to find certmonger request ID

Re: [Freeipa-users] Freeipa-users Digest, Vol 61, Issue 21

2013-08-13 Thread Aissa Brahimi
://about.me/wortmanbret http://bl-1.com/click/load/XWwMPV0-b0221UW0CagZrBjM-b0231 -- next part -- An HTML attachment was scrubbed... URL: https://www.redhat.com/archives/freeipa-users/attachments/20130813/f32400c2/attachment.html