Re: [Freeipa-users] Promoting ipa 4.1 on Centos 7 replica to master

Hi, I have updated with information for IPA 4.0+. Honza Dne 15.1.2015 v 17:46 Rui Gomes napsal(a): Hello Rob, Thank you for the quick reply, I will give it a go, I wasn't sure if the links would work since most the o

Re: [Freeipa-users] I think I trashed my FreeIPA CA - how to recover?

Dne 15.1.2015 v 15:29 Bill Peck napsal(a): On Thu, Jan 15, 2015 at 3:26 AM, Jan Cholasta mailto:jchol...@redhat.com>> wrote: Hi, Dne 14.1.2015 v 14:54 Brian Topping napsal(a): Hi Martin, thanks for your response! What I realize now is the certificate CRL poin

Re: [Freeipa-users] migrate-ds aborts

On 01/16/2015 08:43 AM, Martin Kosek wrote: On 01/15/2015 06:31 PM, Quayle, Bill wrote: I am migrating an openLDAP tree into ipa, and when I run ipa migrate-ds, the migration aborts after roughly 36 seconds with: ipa: ERROR: cannot connect to 'ldap://10.x.x.x:389’: It has transferred 9762 re

Re: [Freeipa-users] migrate-ds aborts

On 01/16/2015 09:14 AM, Ludwig Krispenz wrote: On 01/16/2015 08:43 AM, Martin Kosek wrote: On 01/15/2015 06:31 PM, Quayle, Bill wrote: I am migrating an openLDAP tree into ipa, and when I run ipa migrate-ds, the migration aborts after roughly 36 seconds with: ipa: ERROR: cannot connect to 'ld

Re: [Freeipa-users] DNS Design for FreeIPA4

On 15.1.2015 20:51, Baird, Josh wrote: > Hi, > > We are currently piloting FreeIPA4 (RHEL 7.1 IdM) in our environment. We > plan on establishing a trust with AD at some point during the POC. An > overview of the current DNS design: > > * FreeIPA runs integrated DNS (ie, ipa.domain.com) > * Se

Re: [Freeipa-users] migrate-ds aborts

Thanks for looking into this! I was finally able to import all 11811 user records into IPA, but even now, when I re-run the migrate, I get the same failure. I enabled debug in the default.cfg, and this is the tail of the httpd error_log: . . . [Fri Jan 16 09:28:29.046991 2015] [:error] [pid 14

Re: [Freeipa-users] FreeIPA 4.1, OSX 10.9 and secondary groups

I emailed the author of the howto, so hopefully he will update it. I still think it would make sense to have this information (how to setup an OSX 10.7+ client) documented directly on freeipa.org like http://www.freeipa.org/page/FreeIPAv1:ConfiguringMacintoshClients, or at least have a link to htt

Re: [Freeipa-users] FreeIPA 4.1, OSX 10.9 and secondary groups

Sorry, I didn't look close enough, so missed the link to HowTos under "Additional Resources"... On Fri, Jan 16, 2015 at 5:31 PM, Ejner Fergo wrote: > I emailed the author of the howto, so hopefully he will update it. > > I still think it would make sense to have this information (how to setup >

Re: [Freeipa-users] Can I revert back the hostname on client

>>What doesn't work? We have glassfish running on few of the hosts. That refuses to restart after the hostname change. ( However, looks like someone found a way out). I did not face issues with that today. So, that I guess is pretty much fixable. Apart from that, At the moment we do not see any oth

Re: [Freeipa-users] DNS Design for FreeIPA4

‎Josh, First, sorry for top posting, on a stupid cell. You miss the point that dns is not only used for name resolution, but also hosting configurations. If something is not right about dns, lots of incorrect info will be embedded on your ipa clients. Make it simple as Simon said and point you

Re: [Freeipa-users] DNS Design for FreeIPA4

On Fri, 16 Jan 2015 11:58:12 -0500 William Muriithi wrote: > ‎Josh, > > First, sorry for top posting, on a stupid cell. > > You miss the point that dns is not only used for name resolution, but > also hosting configurations. If something is not right about dns, > lots of incorrect info will be

Re: [Freeipa-users] migrate-ds aborts

On 01/16/2015 04:48 PM, Quayle, Bill wrote: Thanks for looking into this! I was finally able to import all 11811 user records into IPA, but even now, when I re-run the migrate, I get the same failure. How did you do it in the end? Simply by running migrate-ds command multiple times or did yo

Re: [Freeipa-users] migrate-ds aborts

> -Original Message- > From: Martin Kosek [mailto:mko...@redhat.com] > Sent: Friday, January 16, 2015 12:51 PM > To: Quayle, Bill; Ludwig Krispenz > Cc: 'freeipa-users@redhat.com' > Subject: Re: [Freeipa-users] migrate-ds aborts > > On 01/16/2015 04:48 PM, Quayle, Bill wrote: > > Thanks

Re: [Freeipa-users] FreeIPA 4.1, OSX 10.9 and secondary groups

On 01/16/2015 11:36 AM, Ejner Fergo wrote: Sorry, I didn't look close enough, so missed the link to HowTos under "Additional Resources"... On Fri, Jan 16, 2015 at 5:31 PM, Ejner Fergo > wrote: I emailed the author of the howto, so hopefully he will update it.

Re: [Freeipa-users] migrate-ds aborts

On 01/16/2015 02:21 PM, Quayle, Bill wrote: -Original Message- From: Martin Kosek [mailto:mko...@redhat.com] Sent: Friday, January 16, 2015 12:51 PM To: Quayle, Bill; Ludwig Krispenz Cc: 'freeipa-users@redhat.com' Subject: Re: [Freeipa-users] migrate-ds aborts On 01/16/2015 04:48 PM, Q

Re: [Freeipa-users] migrate-ds aborts

Dmitri Pal wrote: > On 01/16/2015 02:21 PM, Quayle, Bill wrote: >> >>> -Original Message- >>> From: Martin Kosek [mailto:mko...@redhat.com] >>> Sent: Friday, January 16, 2015 12:51 PM >>> To: Quayle, Bill; Ludwig Krispenz >>> Cc: 'freeipa-users@redhat.com' >>> Subject: Re: [Freeipa-users] m