Hi,
I have created the sync user with:
- *Replicating directory changes* rights to the synchronized Active
Directory subtree.
- A member of the *Account Operator* and *Enterprise Read-Only Domain
controller* groups.
The user attribute syncronization is working fine, however the passync from
IPA
On 11/11/2013 11:14 PM, Stephen Benjamin wrote:
Hi,
I've been working on getting Foreman and my FreeIPA instance completely
integrated:
https://bitbin.de/blog/2013/11/foreman-freeipa-integration-guide/
But I have an issue, I have a user that has limited roles for Host
Enrollment,
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Stephen Benjamin stben...@redhat.com, freeipa-users@redhat.com
Sent: Tuesday, November 12, 2013 9:57:04 AM
Subject: Re: [Freeipa-users] Remove Host Permission Not Working
e out the right one to give.
There should not be
On 11/12/2013 01:29 AM, gflwqs gflwqs wrote:
Hi,
I have created the sync user with:
- *Replicating directory changes* rights to the synchronized Active
Directory subtree.
- A member of the *Account Operator* and *Enterprise Read-Only Domain
controller* groups.
The user attribute
I found the reason for the failure of the installation.
The script uses a NSS db locate under /tmp:
---
Certificate Nickname Trust Attributes
On 11/12/2013 02:14 PM, Stephen Benjamin wrote:
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Stephen Benjamin stben...@redhat.com, freeipa-users@redhat.com
Sent: Tuesday, November 12, 2013 9:57:04 AM
Subject: Re: [Freeipa-users] Remove Host Permission Not Working
e
Andrea Bontempi wrote:
I found the reason for the failure of the installation.
The script uses a NSS db locate under /tmp:
---
Certificate Nickname Trust Attributes
On 11/12/2013 11:36 AM, Rob Crittenden wrote:
This is basically what I saw too. I'm waiting on someone from the NSS
team to get back to me. This must have something to do with the way that
OpenSSL validates certs vs NSS. Apparently NSS is being more picky but I
don't know why yet.
FWIW the
In our evironment we have very limited amount of shared virtual Windows
7 machines. We haven't really seen any value in setting up an AD domain
for them, but have been relying on pure Kerberos authentication using
the ksetup procedure
On Tue, 2013-11-12 at 21:11 +0100, Nicklas Björk wrote:
In our evironment we have very limited amount of shared virtual Windows
7 machines. We haven't really seen any value in setting up an AD domain
for them, but have been relying on pure Kerberos authentication using
the ksetup procedure
Hi,
Not sure on the details here so please bear with me When passsync is setup some
users can be exempted from the sync.
So I have 2 questions or requests for features maybe.
This feature is good, however there is nothing within the IPA system that I can
see that prevents a user manually
On 2013-11-12 21:39, Simo Sorce wrote:
On Tue, 2013-11-12 at 21:11 +0100, Nicklas Björk wrote:
In our evironment we have very limited amount of shared virtual Windows
7 machines. We haven't really seen any value in setting up an AD domain
for them, but have been relying on pure Kerberos
On 11/12/2013 03:47 PM, Steven Jones wrote:
Hi,
Not sure on the details here so please bear with me When passsync is setup
some users can be exempted from the sync.
So I have 2 questions or requests for features maybe.
This feature is good, however there is nothing within the IPA system
Hi,
Winsync does not sync password hashes. Passsync syncs passwords and then
causes the creation of the hashes.
yep, thats whatt I expected, I just didnt word it well.
I just wondered if we could receive the plain text password then hash it, then
for an excluded user compare hashes and if they
Steven Jones wrote:
Hi,
Winsync does not sync password hashes. Passsync syncs passwords and then
causes the creation of the hashes.
yep, thats whatt I expected, I just didnt word it well.
I just wondered if we could receive the plain text password then hash it, then
for an excluded user
Yes will do.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University ITS,
Level 8 Rankin Brown Building,
Wellington, NZ
6012
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Wednesday, 13 November 2013 12:20 p.m.
16 matches
Mail list logo