Great work on 4.1.0! As a CentOS user, I am able to convey the 3.x - 4.1.0
upgrade went smoothly via the CentOS 7.0 - 7.1 upgrade on my replicated pair
of IPA instances.
Question about proper setup of service accounts: I see that the service
accounts I set up under cn=etc, cn=sysaccounts are
On 3.4.2015 02:10, Brendan Kearney wrote:
i am wondering if bind-dyndb-ldap supports stub zones. below would be a
use case for me.
TL;DR:
No. bind-dyndb-ldap supports only 'master' and 'forward' zones and at the
moment. Please see below.
http://www.zytrax.com/books/dns/ch7/zone.html#type
say
On Mar 24, 2015, at 17:11, Dmitri Pal d...@redhat.com wrote:
Seems like 15 sec timeout on the AIX side.
Can you try with a user that does not have that many groups and see if that
works?
If it does then we should assume it is an AIX side timeout and focus on
making sure the data gets
Hello,
I want to initialize a new replica with an external CA. My Certificate
Authority wants a CSR with the field emailAddress in the subject like :
/C=FR/O=TESTO/OU=TESTOU/CN=*.example.com/emailAddress=n...@none.com
How can I do with the ipa-server-install command ? I have been trying for
On Fri, 03 Apr 2015, Bobby Prins wrote:
On Mar 24, 2015, at 17:11, Dmitri Pal d...@redhat.com wrote:
Seems like 15 sec timeout on the AIX side.
Can you try with a user that does not have that many groups and see if that
works?
If it does then we should assume it is an AIX side timeout and
On Fri, 03 Apr 2015, Bobby Prins wrote:
- Oorspronkelijk bericht -
Van: Alexander Bokovoy aboko...@redhat.com
Aan: Bobby Prins bobby.pr...@proxy.nl
Cc: d...@redhat.com, freeipa-users@redhat.com
Verzonden: Vrijdag 3 april 2015 12:45:07
Onderwerp: Re: [Freeipa-users] 'Preauthentication
- Oorspronkelijk bericht -
Van: Alexander Bokovoy aboko...@redhat.com
Aan: Bobby Prins bobby.pr...@proxy.nl
Cc: d...@redhat.com, freeipa-users@redhat.com
Verzonden: Vrijdag 3 april 2015 12:45:07
Onderwerp: Re: [Freeipa-users] 'Preauthentication failed' with SSSD in
ipa_server_mode
On
- Oorspronkelijk bericht -
Van: Alexander Bokovoy aboko...@redhat.com
Aan: Bobby Prins bobby.pr...@proxy.nl
Cc: d...@redhat.com, freeipa-users@redhat.com
Verzonden: Vrijdag 3 april 2015 14:26:17
Onderwerp: Re: [Freeipa-users] 'Preauthentication failed' with SSSD in
ipa_server_mode
On
The sequence to emulate what SSSD does would be
kinit -k host/`hostname`
ldapsearch -Y GSSAPI -H ldap://genet.ipa.middlebury.edu \
-b cn=compat,dc=ipa,dc=middlebury,dc=edu -s sub \
'(uid=ad...@middlebury.edu)'
As result, we have 'ad...@middlebury.edu' inserted in the
On 04/03/2015 01:51 AM, Brian Topping wrote:
Great work on 4.1.0! As a CentOS user, I am able to convey the 3.x -
4.1.0 upgrade went smoothly via the CentOS 7.0 - 7.1 upgrade on my
replicated pair of IPA instances.
Question about proper setup of service accounts: I see that the
service
hi All,
I have CentOS 6.6 server and want to upgrade to 7.1.
What is the upgrade path, can I do it directly or first I need to make
it to 3.3?
Also is there any known issue I should expect with workarounds?
Thanks,
tamas
--
Manage your subscription for the Freeipa-users mailing list:
On Thu, 2015-04-02 at 17:33 -0400, Prasun Gera wrote:
I had a look at ldap/servers/plugins/pwdstorage/crypt_pwd.c, and it looks
like it is hardcoded in crypt_pw_enc, which uses the default DES crypt
method. This only affects the encoding. The verification of passwords works
with any of MD5 or
On 04/03/2015 09:46 AM, Brian Topping wrote:
On Apr 3, 2015, at 6:48 AM, Tamas Papp tom...@martos.bme.hu wrote:
hi All,
I have CentOS 6.6 server and want to upgrade to 7.1.
What is the upgrade path, can I do it directly or first I need to make it to
3.3?
Also is there any known issue I
On 04/03/2015 03:46 PM, Brian Topping wrote:
On Apr 3, 2015, at 6:48 AM, Tamas Papp tom...@martos.bme.hu wrote:
hi All,
I have CentOS 6.6 server and want to upgrade to 7.1.
What is the upgrade path, can I do it directly or first I need to make it to
3.3?
Also is there any known issue I
On 04/03/2015 09:36 AM, Brian Topping wrote:
On Apr 3, 2015, at 6:17 AM, Dmitri Pal d...@redhat.com
mailto:d...@redhat.com wrote:
On 04/03/2015 01:51 AM, Brian Topping wrote:
Great work on 4.1.0! As a CentOS user, I am able to convey the 3.x
- 4.1.0 upgrade went smoothly via the CentOS 7.0 -
Hello,
Trying to log into the Gui I just get Your session has expired. Please
re-login. Everything else appears to be working.
I cannot find any useful logs.
Cheers,
Andrew
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go
On 04/03/2015 02:03 PM, James James wrote:
Hi everybody, sorry to repost my original question but this time my
problem is better described.
I want to install a ipa sever on centos 6 with an external ca. My
problem is to add emailAddress in the subject field when I type the
command :
HI
i was facing the same issue last week and it got fixed now.
always user WUI from firefox. install Kerbros plugin and certificate from
ipa help page
check time(ntp)
Destroy and recreate ticket (Kdestroy kinit admin)
restart krb5kdc,sssd httpd services
restart ipactl (ipactl restart)
On Friday, 3 April 2015, Ben .T.George bentech4...@gmail.com wrote:
HI
i was facing the same issue last week and it got fixed now.
always user WUI from firefox. install Kerbros plugin and certificate from
ipa help page
Hi George,
Thanks for the advice. Did you discover the root of the
On (03/04/15 17:13), Guertin, David S. wrote:
I don't see any request going to sssd.
Can you try with ju...@middlebury.edu? Old SSSD is incapable to see
MIDD\juser being the same as ju...@middlebury.edu.
When I try:
ssh -l 'ju...@middlebury.edu' yakko.ipa.middlebury.edu
There is no response
Hi everybody, sorry to repost my original question but this time my problem
is better described.
I want to install a ipa sever on centos 6 with an external ca. My problem
is to add emailAddress in the subject field when I type the command :
[root@ipa-dev ~]# ipa-server-install --external_ca
no, it's because of wrong ticket i guess.
try the steps and let us know the output
On Fri, Apr 3, 2015 at 2:23 PM, Andrew Holway andrew.hol...@gmail.com
wrote:
On Friday, 3 April 2015, Ben .T.George bentech4...@gmail.com wrote:
HI
i was facing the same issue last week and it got fixed
What slapi-nis and ipa packages are on the IPA master side?
This all looks like IPA masters don't have RHEL 7.1 update 1 packages from
https://rhn.redhat.com/errata/RHSA-2015-0728.html where exactly this
problem with initgroups was fixed.
Yes, that was it! I had not applied those updates. I just
On Fri, 03 Apr 2015, Guertin, David S. wrote:
I don't see any request going to sssd.
Can you try with ju...@middlebury.edu? Old SSSD is incapable to see
MIDD\juser being the same as ju...@middlebury.edu.
When I try:
ssh -l 'ju...@middlebury.edu' yakko.ipa.middlebury.edu
There is no response
On Fri, 03 Apr 2015, Dmitri Pal wrote:
On 04/03/2015 09:36 AM, Brian Topping wrote:
On Apr 3, 2015, at 6:17 AM, Dmitri Pal d...@redhat.com
mailto:d...@redhat.com wrote:
On 04/03/2015 01:51 AM, Brian Topping wrote:
Great work on 4.1.0! As a CentOS user, I am able to convey the
3.x - 4.1.0
I tried it in Firefox and I could log in fine. Firefox does not use the OSX
Keychain so, on a whim I deleted the Cert from keychain and, et voila, It
was working on chrome again.
Weirdly, chrome is still trusting the certificate even though I deleted the
cert from keychain so either there is some
Hi all,
What purpose does this package serve? The way I’ve done Kerberos between
Active Directory and AD, the trust was always one way (outgoing): the MIT realm
is authoritative and AD “shadow accounts” were mapped to ‘real’ principals via
the alternateSecurityID attribute. Looking at what
On Fri, 03 Apr 2015, Guertin, David S. wrote:
The sequence to emulate what SSSD does would be
kinit -k host/`hostname`
ldapsearch -Y GSSAPI -H ldap://genet.ipa.middlebury.edu \
-b cn=compat,dc=ipa,dc=middlebury,dc=edu -s sub \
'(uid=ad...@middlebury.edu)'
As result, we have
On Apr 3, 2015, at 6:17 AM, Dmitri Pal d...@redhat.com wrote:
On 04/03/2015 01:51 AM, Brian Topping wrote:
Great work on 4.1.0! As a CentOS user, I am able to convey the 3.x - 4.1.0
upgrade went smoothly via the CentOS 7.0 - 7.1 upgrade on my replicated
pair of IPA instances.
Question
On Apr 3, 2015, at 6:48 AM, Tamas Papp tom...@martos.bme.hu wrote:
hi All,
I have CentOS 6.6 server and want to upgrade to 7.1.
What is the upgrade path, can I do it directly or first I need to make it to
3.3?
Also is there any known issue I should expect with workarounds?
I just
30 matches
Mail list logo