Hi,
I've been following the AD integration guide for IPAv3:
http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup
My setup is:
• 5 domain controllers with Windows 2008 R2 AD DC - example.com as Forest
Root Domain and acme.example.com as transitive child domain
• RHEL7 as IPA server with domain:
On Tue, 14 Oct 2014 10:58:36 -0600
Clint Savage her...@gmail.com wrote:
Hi all,
I've been working on a migration plan using three custom user
objectClasses and one group objectclass. In my attempt, I've setup an
openldap server with the proper schemas, imported the ldif and have
records
On Wed, 15 Oct 2014, crony wrote:
Hi,
I've been following the AD integration guide for IPAv3:
http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup
My setup is:
• 5 domain controllers with Windows 2008 R2 AD DC - example.com as Forest
Root Domain and acme.example.com as transitive child domain
Alex,
thank you. Now it works, but not completely:
1.
[leszek@ipa1 ~]$ ssh ipatst03.linux.acme.example.com -l
us...@acme.example.com
Password:
Last login: Wed Oct 15 16:11:27 2014
-sh-4.1$ id
uid=127283727(us...@acme.example.com) gid=127283727(us...@acme.example.com)
On Wed, Oct 15, 2014 at 04:31:55PM +0200, crony wrote:
Alex,
thank you. Now it works, but not completely:
1.
[leszek@ipa1 ~]$ ssh ipatst03.linux.acme.example.com -l
us...@acme.example.com
Password:
Last login: Wed Oct 15 16:11:27 2014
-sh-4.1$ id
I have extended the schema with the custom objectclasses. They show up
properly in /etc/dirsrv/slapd-EXAMPLE-COM/schema/99user.ldif. I did the
import with ldapmodify using the following schemas. It's a bit long, but
hopefully it helps.
# cat customPersonAttributes.ldif
dn: cn=schema
changetype:
Thank you both. I successfully set up a new profile on the server and am able
to use it with authentication. It seems to work for existing users but I am
having issues when I add new user access via HBAC so I am trying to figure that
part out. There are a few options I can invoke using
On 10/14/2014 06:58 PM, Clint Savage wrote:
Hi all,
I've been working on a migration plan using three custom user
objectClasses and one group objectclass. In my attempt, I've setup an
openldap server with the proper schemas, imported the ldif and have
records that look something like this
Ludwig Krispenz wrote:
On 10/14/2014 06:58 PM, Clint Savage wrote:
Hi all,
I've been working on a migration plan using three custom user
objectClasses and one group objectclass. In my attempt, I've setup an
openldap server with the proper schemas, imported the ldif and have
records that
$ rpm -q ipa-server
ipa-server-3.3.3-28.el7.centos.1.x86_64
I was thinking that this might be an issue with the rhel7 version. I'm
going to be trying the same migration tonight on rhel6. I know the IPA
version is older, and samba stuff might not work as it does in 3.3. I
haven't looked in RHEL
On 10/15/2014 02:05 PM, Rob Crittenden wrote:
Clint Savage wrote:
$ rpm -q ipa-server
ipa-server-3.3.3-28.el7.centos.1.x86_64
I was thinking that this might be an issue with the rhel7 version. I'm
going to be trying the same migration tonight on rhel6. I know the IPA
version is older, and
Thanks for all the info. I think I will wait for the 4.1 update.
This message (including any attachments) contains confidential information
intended for a specific individual and purpose, and is protected by law. If you
are not the intended recipient, you should delete this message and any
On Wed, Oct 15, 2014 at 2:33 PM, Rich Megginson rmegg...@redhat.com wrote:
On 10/15/2014 02:05 PM, Rob Crittenden wrote:
Clint Savage wrote:
$ rpm -q ipa-server
ipa-server-3.3.3-28.el7.centos.1.x86_64
I was thinking that this might be an issue with the rhel7 version. I'm
going to be
On 10/15/2014 06:43 PM, Clint Savage wrote:
On Wed, Oct 15, 2014 at 2:33 PM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 10/15/2014 02:05 PM, Rob Crittenden wrote:
Clint Savage wrote:
$ rpm -q ipa-server
On 10/15/2014 04:43 PM, Clint Savage wrote:
On Wed, Oct 15, 2014 at 2:33 PM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 10/15/2014 02:05 PM, Rob Crittenden wrote:
Clint Savage wrote:
$ rpm -q ipa-server
On Wed, Oct 15, 2014 at 5:04 PM, Rich Megginson rmegg...@redhat.com wrote:
On 10/15/2014 04:43 PM, Clint Savage wrote:
On Wed, Oct 15, 2014 at 2:33 PM, Rich Megginson rmegg...@redhat.com
wrote:
On 10/15/2014 02:05 PM, Rob Crittenden wrote:
Clint Savage wrote:
$ rpm -q ipa-server
On 10/15/2014 05:29 PM, Clint Savage wrote:
On Wed, Oct 15, 2014 at 5:04 PM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 10/15/2014 04:43 PM, Clint Savage wrote:
On Wed, Oct 15, 2014 at 2:33 PM, Rich Megginson
rmegg...@redhat.com
Rich,
Sorry about that. Thanks for the help.
http://ur1.ca/idu6a -- should be there at least for a few days.
Clint
On Wed, Oct 15, 2014 at 9:51 PM, Rich Megginson rmegg...@redhat.com wrote:
On 10/15/2014 05:29 PM, Clint Savage wrote:
On Wed, Oct 15, 2014 at 5:04 PM, Rich Megginson
18 matches
Mail list logo