Re: [Freeipa-users] Installation issues with sub-ca.

Ok, this is funny: - [root@dbm13 ca_rotta]# certutil -d sql:[nss db] -K certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services" Enter Password or Pin f

[Freeipa-users] Sudo rule still working after deactivation

During our evaluation phase we're facing following problem. One particular user were granted sudo permission with the help of a sudo rule. The user can successfully access the host via SSH and switched to user root by using the sudo command, which was enabled for the user with the sudo rule. Aft

Re: [Freeipa-users] Sudo rule still working after deactivation

On Wed, Nov 13, 2013 at 05:26:32PM +0100, David Kreuter wrote: > During our evaluation phase we're facing following problem. One particular > user were granted sudo permission with the help of a sudo rule. The user can > successfully access the host via SSH and switched to user root by using the

Re: [Freeipa-users] Sudo rule still working after deactivation

On 11/13/2013 05:40 PM, Jakub Hrozek wrote: On Wed, Nov 13, 2013 at 05:26:32PM +0100, David Kreuter wrote: During our evaluation phase we're facing following problem. One particular user were granted sudo permission with the help of a sudo rule. The user can successfully access the host via SS

Re: [Freeipa-users] Installation issues with sub-ca.

Andrea Bontempi wrote: Ok, this is funny: - [root@dbm13 ca_rotta]# certutil -d sql:[nss db] -K certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services

Re: [Freeipa-users] Pure Kerberos login on Windows stopped working

On Tue, 2013-11-12 at 21:50 +0100, Nicklas Björk wrote: > On 2013-11-12 21:39, Simo Sorce wrote: > > On Tue, 2013-11-12 at 21:11 +0100, Nicklas Björk wrote: > >> In our evironment we have very limited amount of shared virtual Windows > >> 7 machines. We haven't really seen any value in setting up a

Re: [Freeipa-users] Pure Kerberos login on Windows stopped working

On 2013-11-13 20:00, Simo Sorce wrote: > On Tue, 2013-11-12 at 21:50 +0100, Nicklas Björk wrote: >> On 2013-11-12 21:39, Simo Sorce wrote: >>> On Tue, 2013-11-12 at 21:11 +0100, Nicklas Björk wrote: In our evironment we have very limited amount of shared virtual Windows 7 machines. We hav

[Freeipa-users] CA expiration and renewal

Folks just wanted to touch base again before the American holiday season starts. My CA, which is subordinate to AD CS will be expiring on December 9th, I submitted a bug, y'all drew up docs etc for a plan (thanks). Now I just wanted to see how it was going and if need be what manual steps I will ne