Re: [Freeipa-users] Migration error?

2015-06-15 Thread Rob Crittenden
Janelle wrote: Good morning and happy Monday, I have a strange problem. Wondering if anyone has seen this before in trying to run an ipa migrate-ds? ipa: ERROR: The search criteria was not specific enough. Expected 1 and found 2. The migration worked previously, but now, in order to try and

Re: [Freeipa-users] migrating 3.0 - 4.1: passwords not migrated?

2015-06-15 Thread Tamas Papp
On 06/10/2015 03:33 PM, Martin Kosek wrote: On 06/10/2015 03:18 PM, Tamas Papp wrote: hi, Currently there are CentOS 6.5 servers and IPA 3.0. The goal is migrating users to CentOS 7.1 and IPA 4.1. This is the command I use: $ ipa migrate-ds ldap://ipa11

[Freeipa-users] Migration error?

2015-06-15 Thread Janelle
Good morning and happy Monday, I have a strange problem. Wondering if anyone has seen this before in trying to run an ipa migrate-ds? ipa: ERROR: The search criteria was not specific enough. Expected 1 and found 2. The migration worked previously, but now, in order to try and update some

Re: [Freeipa-users] stickybits and freeipa

2015-06-15 Thread Simo Sorce
On Sun, 2015-06-14 at 20:53 +0200, richard wrote: Hi, We are about to implement freeipa in our environment. During some test so have we discovered problems when we are trying to run scripts with the suid bit set. It looks like the system is trying to authenticate the suid user against

Re: [Freeipa-users] Migration error?

2015-06-15 Thread Janelle
On 6/15/15 1:12 PM, Rob Crittenden wrote: Janelle wrote: On 6/15/15 6:36 AM, Rob Crittenden wrote: Usually means there is a replication conflict entry. You may be able to get more details on what failed by looking at the LDAP access log of both LDAP servers, though I guess I'd expect this

Re: [Freeipa-users] direct ldap connect from dovecot

2015-06-15 Thread Rob Crittenden
G√ľnther J. Niederwimmer wrote: Hello, is it possible to connect direct to the ldap from a program like dovecot? I have big auth problems with my setup? with cn=admin,cn=users,cn=accounts,dc=,dc=x and password from admin this is not working I don't know the 386 server :-(, in the

[Freeipa-users] direct ldap connect from dovecot

2015-06-15 Thread G√ľnther J . Niederwimmer
Hello, is it possible to connect direct to the ldap from a program like dovecot? I have big auth problems with my setup? with cn=admin,cn=users,cn=accounts,dc=,dc=x and password from admin this is not working I don't know the 386 server :-(, in the moment I have to learn much more ;-).

Re: [Freeipa-users] Migration error?

2015-06-15 Thread Janelle
On 6/15/15 6:36 AM, Rob Crittenden wrote: Janelle wrote: Good morning and happy Monday, I have a strange problem. Wondering if anyone has seen this before in trying to run an ipa migrate-ds? ipa: ERROR: The search criteria was not specific enough. Expected 1 and found 2. The migration worked

Re: [Freeipa-users] Migration error?

2015-06-15 Thread Rob Crittenden
Janelle wrote: On 6/15/15 6:36 AM, Rob Crittenden wrote: Janelle wrote: Good morning and happy Monday, I have a strange problem. Wondering if anyone has seen this before in trying to run an ipa migrate-ds? ipa: ERROR: The search criteria was not specific enough. Expected 1 and found 2. The

Re: [Freeipa-users] 4.x on CentOS 6?

2015-06-15 Thread Alexander Bokovoy
On Sun, 14 Jun 2015, Rob Crittenden wrote: Janelle wrote: Hi everyone, Does anyone know if it is possible to install the 4.1 ipa-CLIENT (not the server - just the client) on a CentOS 6.6 system? My guess is this is really just based on sssd, or am I missing something? I would like to get OTP

Re: [Freeipa-users] 4.x on CentOS 6?

2015-06-15 Thread Lukas Slebodnik
On (13/06/15 16:04), Janelle wrote: Hi everyone, Does anyone know if it is possible to install the 4.1 ipa-CLIENT (not the server - just the client) on a CentOS 6.6 system? My guess is this is really just based on sssd, or am I missing something? If you want newer version of sssd you can test

Re: [Freeipa-users] Is something.local hostname possible

2015-06-15 Thread Petr Spacek
On 12.6.2015 17:40, James Benson wrote: Hi all, I'm trying to duplicate freeIPA on a local host but I keep on getting errors, primarily a RuntimeError('CA did not start in %%ss' %timeout). Has anyone tried this before and succeeded or have suggestions? Thanks Please do not use .local, it is

Re: [Freeipa-users] Is something.local hostname possible

2015-06-15 Thread Martin Kosek
On 06/12/2015 05:40 PM, James Benson wrote: Hi all, I'm trying to duplicate freeIPA on a local host but I keep on getting errors, primarily a RuntimeError('CA did not start in %%ss' %timeout). Has anyone tried this before and succeeded or have suggestions? Thanks James What do you mean