On 6.10.2014 20:43, Alexander Bokovoy wrote:
On Mon, 06 Oct 2014, Nordgren, Bryce L -FS wrote:
The hostname put by ipa-client-install corresponds to the server to which this
client is enrolled. You enroll with a single server, after all.
How would one enroll with multiple IPA servers? For ins
Hi Martin and Nathan,
Thank you for providing that info.
Unfortunately, my IPA server is running on CentOS, and the latest IPA version
available through YUM is - 'ipa-server.i686 3.0.0-37.el6'.
The latest version of 389-DS through YUM is - '389-ds-base.i686
1.2.11.15-34.el6_5 '.
Nessus scan had
On Tue, 07 Oct 2014, Murty, Ajeet (US - Arlington) wrote:
Hi Martin and Nathan,
Thank you for providing that info.
Unfortunately, my IPA server is running on CentOS, and the latest IPA version
available through YUM is - 'ipa-server.i686 3.0.0-37.el6'.
The latest version of 389-DS through YUM is
Hi!
As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
is now powered by FreeIPA. While GNOME was already using SSSD since very
early days of SSSD project, move to FreeIPA on the server side took more
time.
[1]
https://www.dragonsreach.it/2014/10/07/the-gnome-infrastructure
I edited both ldif files to remove fortezza_null. Looks like this now -
nsSSL3Ciphers: -rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,
+rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fo
rtezza_rc4_128_sha,+fortezza_null,+tls_rsa_export1024_with_rc4_56_s
Sorry, messed up copy paste, here is the edited section -
nsSSL3Ciphers: +rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,+rsa_des_sha,+
rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fortezza_rc4_128
_sha,+tls_rsa_export1024_with_rc4_56_sha,+tls_rsa_export1024_with_des_cbc_sha
nu
On Tue, 07 Oct 2014, Murty, Ajeet (US - Arlington) wrote:
I edited both ldif files to remove fortezza_null. Looks like this now -
nsSSL3Ciphers: -rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,
+rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fo
rtezza_rc
On 10/07/2014 12:16 PM, Murty, Ajeet (US - Arlington) wrote:
Sorry, messed up copy paste, here is the edited section -
nsSSL3Ciphers: +rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,+rsa_des_sha,+
rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fortezza_rc4_128
_sha,+tls_rsa_e
On 10/07/2014 11:58 AM, Alexander Bokovoy wrote:
> Hi!
>
> As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
> is now powered by FreeIPA. While GNOME was already using SSSD since very
> early days of SSSD project, move to FreeIPA on the server side took more
> time.
>
> [1]
Dmitri,
Thanks very much.that did it. I'm making a special note of this one
and not storing it in the Outlook folders.
RE: looking through the various log files didn't seem to help as they are
someone confusing to the IM novice like myself.
Al
From: freeipa-users-boun...@redhat.com
On 7 October 2014 05:58, Alexander Bokovoy wrote:
> Hi!
>
> As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
> is now powered by FreeIPA. While GNOME was already using SSSD since very
> early days of SSSD project, move to FreeIPA on the server side took more
> time.
Yup :)
Let me correct my last entry..in looking at the log files, I did come
across this error and the end of the ipaserver-install.log but
that was not one of the files or directories that had to be deleted as per the
corrective list of actions:
2014-10-07T12:53:04Z DEBUG The ipa-server-install co
On 6 October 2014 14:43, Alexander Bokovoy wrote:
> If you have some masters that are accessible by these isolated nodes,
> enroll isolated nodes against these masters. Nobody prevents you to
> select your deployment strategy and manipulate configuration files
> afterwards. Purpleidea's puppet mod
On 10/07/2014 04:16 AM, Murty, Ajeet (US - Arlington) wrote:
Sorry, messed up copy paste, here is the edited section -
nsSSL3Ciphers: +rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,+rsa_des_sha,+
rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fortezza_rc4_128
_sha,+tls_rsa_ex
Murty, Ajeet (US - Arlington) wrote:
> Sorry, messed up copy paste, here is the edited section -
>
> nsSSL3Ciphers: +rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,+rsa_des_sha,+
> rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fortezza_rc4_128
> _sha,+tls_rsa_export1024_with_rc4
I was shutting down IPA before making any changes -
1. Shutdown IPA -
[root]# /etc/init.d/ipa stop
Stopping CA Service
Stopping pki-ca: [ OK ]
Stopping HTTP Service
Stopping httpd:[ OK ]
Stopping MEMCACHE
On Tue, 07 Oct 2014, Murty, Ajeet (US - Arlington) wrote:
I was shutting down IPA before making any changes -
1. Shutdown IPA -
[root]# /etc/init.d/ipa stop
Stopping CA Service
Stopping pki-ca: [ OK ]
Stopping HTTP Service
Stopping httpd:
I shutdown IPA and modified both dse ldif files to look like this -
nsSSL3Ciphers:
-rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,
+rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fo
rtezza_rc4_128_sha,-fortezza_null,+tls_rsa_e
On Tue, 07 Oct 2014, Murty, Ajeet (US - Arlington) wrote:
I shutdown IPA and modified both dse ldif files to look like this -
nsSSL3Ciphers:
-rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,
+rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,
I removed the new lines, looks like this now -
modifyTimestamp: 20140915221826Z
nsSSL3Ciphers: -rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,
+rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,+fortezza,+fo
rtezza_rc4_128_sha,-fortezza_null,+tls_rsa_export1024_with
I've been following the steps outlined in section 7.3.5 of the manual entitled
Integrating OpenShift Enterprise
with Identity Management (IdM)
in Red Hat Enterprise Linux
OpenShift Enterprise 2.1
IdM in Red Hat Enterprise Linux 7
Windows Server 2012 - Active Directory Integration
I now have our
On 10/07/2014 09:27 AM, James wrote:
On 7 October 2014 05:58, Alexander Bokovoy wrote:
Hi!
As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
is now powered by FreeIPA. While GNOME was already using SSSD since very
early days of SSSD project, move to FreeIPA on the server
On 10/07/2014 05:03 PM, Licause, Al (CSC AMS BCS - UNIX/Linux Network
Support) wrote:
I've been following the steps outlined in section 7.3.5 of the manual
entitled
Integrating OpenShift Enterprise
with Identity Management (IdM)
in Red Hat Enterprise Linux
OpenShift Enterprise 2.1
IdM in
Hello.
I am attempting to create trust between AD and IPA.
I have deployed AD environment as follows:
I have created domain RED.COM
Then i add new domain tree root - BLUE.COM.
Now i would like to establish trust with IPA as a sub domain (LINUX.BLUE.COM)
of BLUE.COM.
I followed the guide and wh
On 7 October 2014 19:54, Dmitri Pal wrote:
> On 10/07/2014 09:27 AM, James wrote:
>>
>> On 7 October 2014 05:58, Alexander Bokovoy wrote:
>>>
>>> Hi!
>>>
>>> As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
>>> is now powered by FreeIPA. While GNOME was already using SSSD s
On Tue, Oct 07, 2014 at 12:58:09PM +0300, Alexander Bokovoy wrote:
> Hi!
>
> As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
> is now powered by FreeIPA. While GNOME was already using SSSD since very
> early days of SSSD project, move to FreeIPA on the server side took more
On 10/07/2014 09:55 PM, Fraser Tweedale wrote:
On Tue, Oct 07, 2014 at 12:58:09PM +0300, Alexander Bokovoy wrote:
Hi!
As Andrea Veri describes in the blog[1], GNOME Project's infrastructure
is now powered by FreeIPA. While GNOME was already using SSSD since very
early days of SSSD project, move
On 7 October 2014 21:55, Fraser Tweedale wrote:
> This is great. Can we use the GNOME project's experience as a story
> or case study in promoting FreeIPA to other projects/communities?
> IMO we need a couple of examples like this on the freeipa.org front
> page.
I would recommend waiting a lit
Any ideas on what else I can try here?
Also, can we expect the new IPA and DS to be available in the CentOS/YUM
repository in the next few weeks/months?
Thanks again for all your help.
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] O
On 10/07/2014 10:15 PM, Murty, Ajeet (US - Arlington) wrote:
Any ideas on what else I can try here?
Please file a ticket.
Also, can we expect the new IPA and DS to be available in the CentOS/YUM
repository in the next few weeks/months?
Thanks again for all your help.
-Original Message
Done. 'Bug 1150368 -Unable to disable Null Ciphers on 389-Directory-Server
using nsSSL3Ciphers in Ldif '
https://bugzilla.redhat.com/show_bug.cgi?id=1150368
Thanks.
-Original Message-
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Wednesday, October 08, 2014 12:37 AM
To: Murty
On Wed, 08 Oct 2014, Murty, Ajeet (US - Arlington) wrote:
Any ideas on what else I can try here?
Also, can we expect the new IPA and DS to be available in the CentOS/YUM
repository in the next few weeks/months?
In general, FreeIPA team doesn't do backports to older versions due to
tight coopera
32 matches
Mail list logo