On 08/19/2014 11:08 PM, Chris Whittle wrote:
Here is what I get if I try to start it manually... Any ideas?
[root@itservices /]# /usr/sbin/ipactl start
Starting Directory Service
Starting dirsrv:
COLLECTIVEBIAS-COM... [ OK ]
PKI-IPA...
Hi Petr,
Thanks for your help the other day.
Something is bringing down my master instance.
i am seeing mismatch on master
[root@master init.d]# kvno DNS/master.domain@domain.com
DNS/master.domain@domain.com: kvno = 8
[root@master init.d]# klist -kt /etc/named.keytab
Keytab name:
On 20.8.2014 10:02, Peter Grant wrote:
Hi Petr,
Thanks for your help the other day.
Something is bringing down my master instance.
i am seeing mismatch on master
[root@master init.d]# kvno DNS/master.domain@domain.com
DNS/master.domain@domain.com: kvno = 8
[root@master init.d]# klist
On 08/19/2014 07:55 PM, Joshua J. Kugler wrote:
A replica must connect to the master for initial setup; after that, the master
pushes to the replica.
j
On Tuesday, August 19, 2014 09:26:11 Ludwig Krispenz wrote:
What's wrong with your scenario B: master(s) in internal network, they
can
On 08/20/2014 06:23 AM, barry...@gmail.com wrote:
Dear all:
I got 2 servers as cluster ... how can i redirect all logs server2 's
/var/log/dirsrv/slapd-abc.com/access http://slapd-abc.com/access to
server 1 's /var/log/dirsrv/slapd-abc.com/access
http://slapd-abc.com/access
so i can view
hi
Having a particularly weird problem. We have moved from AD(windows 2008
R2)
to ipa server(centos 6.5). and i integrated ipa with AD
machine linux joined with ipa and machine windowse joined with AD.
users AD can loggin in cli mode in system linux (centos 6.5)
but can not
On 20.8.2014 10:58, Dmitri Pal wrote:
On 08/19/2014 07:55 PM, Joshua J. Kugler wrote:
A replica must connect to the master for initial setup; after that, the master
pushes to the replica.
j
On Tuesday, August 19, 2014 09:26:11 Ludwig Krispenz wrote:
What's wrong with your scenario B:
How is the best way to determine the version?
On Wed, Aug 20, 2014 at 2:29 AM, Martin Kosek mko...@redhat.com wrote:
On 08/19/2014 11:08 PM, Chris Whittle wrote:
Here is what I get if I try to start it manually... Any ideas?
[root@itservices /]# /usr/sbin/ipactl start
Starting
On 08/20/2014 01:45 PM, alireza baghery wrote:
hi
Having a particularly weird problem. We have moved from AD(windows
2008 R2)
to ipa server(centos 6.5). and i integrated ipa with AD
machine linux joined with ipa and machine windowse joined with AD.
users AD can loggin in cli
$ rpm -q freeipa-server
if you are running on Fedora.
$ rpm -q ipa-server
if you are running on RHEL/CentOS.
FreeIPA 4.0 later also show version with
$ ipa --version
or in Web UI.
Martin
On 08/20/2014 02:54 PM, Chris Whittle wrote:
How is the best way to determine the version?
On Wed,
ipa-server-3.0.0-37.el6.x86_64
I also found this with no solution
https://www.redhat.com/archives/freeipa-users/2013-July/msg00133.html
On Wed, Aug 20, 2014 at 8:04 AM, Martin Kosek mko...@redhat.com wrote:
$ rpm -q freeipa-server
if you are running on Fedora.
$ rpm -q ipa-server
if
Dmitri Pal wrote:
On 08/20/2014 06:23 AM, barry...@gmail.com wrote:
Dear all:
I got 2 servers as cluster ... how can i redirect all logs server2 's
/var/log/dirsrv/slapd-abc.com/access http://slapd-abc.com/access to
server 1 's /var/log/dirsrv/slapd-abc.com/access
On 08/20/2014 02:55 PM, Petr Spacek wrote:
On 20.8.2014 10:58, Dmitri Pal wrote:
On 08/19/2014 07:55 PM, Joshua J. Kugler wrote:
A replica must connect to the master for initial setup; after that,
the master
pushes to the replica.
j
On Tuesday, August 19, 2014 09:26:11 Ludwig Krispenz
Petr Spacek wrote:
On 20.8.2014 10:02, Peter Grant wrote:
Hi Petr,
Thanks for your help the other day.
Something is bringing down my master instance.
i am seeing mismatch on master
[root@master init.d]# kvno DNS/master.domain@domain.com
DNS/master.domain@domain.com: kvno = 8
Original Message
Subject: Re: [Freeipa-users] Improving FreeIPA.org
Date: Tue, 19 Aug 2014 16:33:49 +
From: Choudhury, Suhail suhail.choudh...@bskyb.com
To: freeipa-users@redhat.com freeipa-users@redhat.com
Hi,
I think a small screenshot
Walid wrote:
Hello All,
What is the recommendation on having ipa2 clients connecting to IPA 3
server, we have some RHEL5.3 clients (I know they are EOL, however end
user still wants as it is) that we would like to connect them to IPA
3.x server running RHEL6.5.
Should work fine with no
All,
I'm setting up a new replicated master (CentOS7) from a CentOS 6.5
original master. I added the patch (to the freeIPA 3.3 on CentOS 7) from
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=8c98561c209d0ccaa692a335e3e9a10aec23ee0e
to handle the 2 replication IDs bug.
The replication
yes right. ipa trust relation with AD and subdomain AD. yes gde produce log
On Wed, Aug 20, 2014 at 5:27 PM, Dmitri Pal d...@redhat.com wrote:
On 08/20/2014 01:45 PM, alireza baghery wrote:
hi
Having a particularly weird problem. We have moved from AD(windows
2008 R2)
to ipa
Jim Kinney wrote:
All,
I'm setting up a new replicated master (CentOS7) from a CentOS 6.5
original master. I added the patch (to the freeIPA 3.3 on CentOS 7) from
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=8c98561c209d0ccaa692a335e3e9a10aec23ee0e
to handle the 2 replication
On 08/20/2014 04:29 PM, alireza baghery wrote:
yes right. ipa trust relation with AD and subdomain AD. yes gde
produce log
It seems that you have some custom polkit policy that fails to load. Did
you play with some polkit policies?
On Wed, Aug 20, 2014 at 5:27 PM, Dmitri Pal
Hi,
We are attempting to run ipa-client-install in the %post section of a Kickstart
in order to join the host to an IPA domain (3.3/RHEL7 IdM). We are using
something like:
/usr/sbin/ipa-client-install -w 'one-time-password' --realm=REALM.COM -U
--no-ssh --no-sshd --no-ntp --domain=realm.com
On 08/20/2014 09:18 AM, Baird, Josh wrote:
Hi,
We are attempting to run ipa-client-install in the %post section of a Kickstart
in order to join the host to an IPA domain (3.3/RHEL7 IdM). We are using
something like:
/usr/sbin/ipa-client-install -w 'one-time-password' --realm=REALM.COM -U
Found a solution:
The first replica I built did not have the CA replication setup. So I
ran the ipa-ca-install with it's original replica file on the first
replica.
Now that system is able to generate a replica.gpg file for the new
centos7 box. The new box replicated just fine and all is well
Hi,
I'm attempting to establish a trust between FreeIPA 3.3 and AD 2008 R2. My IPA
domain consists of two servers (one master and one replica). I have verified
that DNS is configured properly as the IPA domain can resolve AD and the AD
domain can resolve IPA hosts.
On each IPA server, I
Thanks Dmitri, so sssd is out of the picture in this case?
On 20 August 2014 16:43, Dmitri Pal d...@redhat.com wrote:
On 08/20/2014 03:30 PM, Walid wrote:
Hello All,
What is the recommendation on having ipa2 clients connecting to IPA 3
server, we have some RHEL5.3 clients (I know they
Thanks Rob, we have native python2.4, and anaconda python 2.7, so i guess
if anything needs python 2.6 or greater it would not be an issue. I am
just wondering if there are people using the upstream project in such a
legacy system ;-)
On 20 August 2014 16:55, Rob Crittenden rcrit...@redhat.com
Walid wrote:
Thanks Rob, we have native python2.4, and anaconda python 2.7, so i
guess if anything needs python 2.6 or greater it would not be an issue.
I am just wondering if there are people using the upstream project in
such a legacy system ;-)
It's not just python, it's all the modules
On 08/20/2014 09:43 PM, Rob Crittenden wrote:
Walid wrote:
Thanks Rob, we have native python2.4, and anaconda python 2.7, so i
guess if anything needs python 2.6 or greater it would not be an issue.
I am just wondering if there are people using the upstream project in
such a legacy system ;-)
On Wed, 20 Aug 2014, Baird, Josh wrote:
Hi,
I'm attempting to establish a trust between FreeIPA 3.3 and AD 2008 R2.
My IPA domain consists of two servers (one master and one replica). I
have verified that DNS is configured properly as the IPA domain can
resolve AD and the AD domain can resolve
On 08/20/2014 05:01 PM, William wrote:
Hi,
Semi offtopic, how does one search with ldap for an attribute instance
with a trailing space. Consider:
cn=foo
How do you distinguish this from cn=foo in an ldapsearch? I have
tried:
ldapsearch (cn=foo)
ldapsearch (cn='foo ')
ldapsearch
How did you manage to add an attribute value with a trailing space?
Excellent question: Someone else in my workplace managed to stuff this
one up, so that a users objectClass has a trailing space, thus is
returning is base64 on search now.
--
William will...@firstyear.id.au
--
Manage
On 08/20/2014 05:28 PM, William wrote:
How did you manage to add an attribute value with a trailing space?
Excellent question: Someone else in my workplace managed to stuff this
one up, so that a users objectClass has a trailing space, thus is
returning is base64 on search now.
Ok. As to
Is there instructions anywhere? My FreeIPA 3 on CentOS died so I'm
starting over
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
Hi All,
Am about to start rolling out clinet installs on rhel6 hosts with dns
autodiscovery.
Enviroment: rhel6, ipa-3.0.0-37.el6.
I already have setup SRV records for Kerberos and ldap etc.
Are the following ntp records as SRV records necessary also?
;ntp server
_ntp._udp IN
On 21.08.2014 04:27, Chris Whittle wrote:
Is there instructions anywhere? My FreeIPA 3 on CentOS died so I'm
starting over
there is no server for ubuntu/debian yet
--
t
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go
35 matches
Mail list logo
