Hi Harold
Perhaps you should not think of FreeIPA as a product. Perhaps a better
analogy is a Product Stack. Another example would be LAMP. And as far as I
can make out, the point of the FreeIPA project is to better integrate the
various products that build the stack.
A very important factor -
On 26.6.2015 09:21, Christopher Lamb wrote:
A very important factor - at least to me is this community: It is vibrant
and active, you get advice, they listen and change things. For example I
can think of at least 3 changes made to the documentation in the last few
months due to mistakes I had
I've found that if you are setting up a new environment from scratch which
is mostly going to involve RHEL/Fedora systems, and that you have full
control over your network including DNS, DHCP etc., it should mostly be
smooth sailing. However, if you already have a network of old and new
machines
On 06/26/2015 02:38 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 07:00:34PM +0200, Giorgio Biacchi wrote:
On 06/25/2015 05:44 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 04:29:37PM +0200, Giorgio Biacchi wrote:
On 06/25/2015 02:10 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 01:06:22PM
On (26/06/15 12:48), Petr Spacek wrote:
On 26.6.2015 12:18, Lukas Slebodnik wrote:
On (26/06/15 01:29), Prasun Gera wrote:
I've found that if you are setting up a new environment from scratch which
is mostly going to involve RHEL/Fedora systems, and that you have full
control over your network
More importantly, ipa-client-install is just a thin configuration tool. If
ipa-client-install is not available on your platform you can configure
everything manually and it will work (as long as the client is
standard-compliant).
I.e. the client side is *in the worst case* (without
On Fri, Jun 26, 2015 at 04:34:05PM +0200, Giorgio Biacchi wrote:
On 06/26/2015 02:38 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 07:00:34PM +0200, Giorgio Biacchi wrote:
On 06/25/2015 05:44 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 04:29:37PM +0200, Giorgio Biacchi wrote:
On
[root@nimbus sssd]# ls -l sssd.conf
-rw--- 1 root root 809 Jun 26 11:20 sssd.conf
[root@nimbus sssd]#
And the permissions are 0600 and SELINUX IS DISABLED
-Original Message-
From: Jakub Hrozek [mailto:jhro...@redhat.com]
Sent: Friday, June 26, 2015 11:42 AM
To: Martin Chamambo
Cc:
hi,
On Wed, Jun 24, 2015 at 9:06 AM, Harald Dunkel harald.dun...@aixigo.de
wrote:
Hi folks,
I have a general problem with freeipa: It is *highly* complex
and depends upon too many systems working together correctly
(IMHO).
My concern is, if there is a problem, then the usual tools
On 06/23/2015 03:02 PM, Alexander Bokovoy wrote:
On Tue, 23 Jun 2015, Dmitri Pal wrote:
On 06/17/2015 09:56 AM, Alexander Bokovoy wrote:
On Wed, 17 Jun 2015, Henry Hofmann wrote:
Ok, how can I configure the map of source attributes (mail or any
other) to compat tree?
Go back in archives in
On 05/18/2015 06:16 AM, Andy Thompson wrote:
-Original Message-
From: Jakub Hrozek [mailto:jhro...@redhat.com]
Sent: Monday, May 18, 2015 4:07 AM
To: Andy Thompson
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] username case sensitivity
On Sun, May 17, 2015 at 10:26:45PM
On 05/19/2015 05:29 AM, thewebbie wrote:
My requirements is to replace dozens of htaccess folders on one
server. Each folder requiring a user group. So Host based will not
work in this case
Matthew Feinberg
On May 19, 2015 4:03 AM, Jan Pazdziora jpazdzi...@redhat.com
On 05/21/2015 02:59 AM, Rudolf Gabler wrote:
Hi to whom it may concern,
we used for many years a 2 location policy to separate email users
from unix users in order to not using the same passwords. So we had 2
trees in our LDAP with the same user but different passwords.
Sorry for reviving
This is my sssd.conf file and I have that config_file_version = 2
[root@server sssd]# vim sssd.conf
[domain/ai.co.zw]
debug_level = 10
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = ai.co.zw
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname
On Fri, Jun 26, 2015 at 09:18:17AM +, Martin Chamambo wrote:
I installed ipa-client on centos 6.6 32 bit and it installed correctly but
there was no /etc/sssd/sssd.conf file ..I read through forums that you
can copy another sssd.conf file from another machine but this is what im
- Original Message -
On 06/23/2015 03:02 PM, Alexander Bokovoy wrote:
On Tue, 23 Jun 2015, Dmitri Pal wrote:
On 06/17/2015 09:56 AM, Alexander Bokovoy wrote:
On Wed, 17 Jun 2015, Henry Hofmann wrote:
Ok, how can I configure the map of source attributes (mail or any
other) to
Hi ,
I'm exploring implementing a 2FA solution to my servers exposed to public.
Mainly to secure SSH with 2FA. The SSH keys and users are already in
FreeIPA.
Is there a way to utilize the OTP inside FreeIPA during a user login to
these servers ? A user will have to enter the TOTP code bases on
- Original Message -
Hi ,
I'm exploring implementing a 2FA solution to my servers exposed to public.
Mainly to secure SSH with 2FA. The SSH keys and users are already in
FreeIPA.
Is there a way to utilize the OTP inside FreeIPA during a user login to these
servers ? A user will
On Fri, Jun 26, 2015 at 10:00:38AM +, Martin Chamambo wrote:
[root@nimbus sssd]# ls -l sssd.conf
-rw--- 1 root root 809 Jun 26 11:20 sssd.conf
[root@nimbus sssd]#
And the permissions are 0600 and SELINUX IS DISABLED
Can you send me the file in attachment, ideally in a tarball so we
On Thu, Jun 25, 2015 at 07:00:34PM +0200, Giorgio Biacchi wrote:
On 06/25/2015 05:44 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 04:29:37PM +0200, Giorgio Biacchi wrote:
On 06/25/2015 02:10 PM, Sumit Bose wrote:
On Thu, Jun 25, 2015 at 01:06:22PM +0200, Giorgio Biacchi wrote:
On
On (26/06/15 01:29), Prasun Gera wrote:
I've found that if you are setting up a new environment from scratch which
is mostly going to involve RHEL/Fedora systems, and that you have full
control over your network including DNS, DHCP etc., it should mostly be
smooth sailing. However, if you already
On Fri, Jun 26, 2015 at 10:20:19AM +, Martin Chamambo wrote:
Find file attached
Also please try to remove the databases to make sure no old db is
around:
rm -f /var/lib/sss/db/*
--
Manage your subscription for the Freeipa-users mailing list:
On (26/06/15 09:32), Martin Chamambo wrote:
This is my sssd.conf file and I have that config_file_version = 2
[root@server sssd]# vim sssd.conf
[domain/ai.co.zw]
debug_level = 10
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = ai.co.zw
id_provider = ipa
On Fri, Jun 26, 2015 at 10:20:19AM +, Martin Chamambo wrote:
Find file attached
OK, this looks good. Are you sure the file is at the correct location?
(/etc/sssd/sssd.conf)
Can you run strace sssd -i to see which file is sssd opening?
--
Manage your subscription for the Freeipa-users
On 26.6.2015 12:18, Lukas Slebodnik wrote:
On (26/06/15 01:29), Prasun Gera wrote:
I've found that if you are setting up a new environment from scratch which
is mostly going to involve RHEL/Fedora systems, and that you have full
control over your network including DNS, DHCP etc., it should
25 matches
Mail list logo