Hello.
Is it possible to use IPA with HP-UX servers (ldapux) to authenticate users
from AD via IPA-AD trusts, or such way only work for systems with sssd?
WBR,
Alexander Frolushkin
Cell +79232508764
Work +79232507764
?? ? ? ? ??
Hi,
On Sat, 27 Jun 2015, Dmitri Pal wrote:
On 06/18/2015 05:09 AM, dbisc...@hrz.uni-kassel.de wrote:
I have a svnserve (Subversion 1.6.11) running on my IPA server. Currently,
there's a separate user database with SASL auth:
/etc/sasl2/svn.conf
---
pwcheck_method: auxprop
auxprop_plugin: s
hi
i install centos 6.7 trust with Windows 2008 r2 (User AD can not Login)
and get log in IPA SERVER file: /var/log/krb5kdc.log
domain IPA: l.infotechpsp.net
++
Sep 09 15:09:20 ipareplica.l.infotechpsp.net krb5kdc[1518](info): AS_REQ (4
etypes {18 17 16 23}) 10.30.120.20: NEEDED_PREAU
On Wed, 09 Sep 2015, Morgan Marodin wrote:
Hi Alexander.
Ok, after enabling debugging I have these logs:
---
==> /var/log/httpd/error_log <==
INFO: Current debug levels:
all: 100
tdb: 100
printdrivers: 100
lanman: 100
smb: 100
On Wed, 09 Sep 2015, Alexander Frolushkin wrote:
Hello.
Is it possible to use IPA with HP-UX servers (ldapux) to authenticate
users from AD via IPA-AD trusts, or such way only work for systems with
sssd?
I suspect you need to test it -- set it up like against Netscape/iPlanet
directory server an
On Wed, 09 Sep 2015, alireza baghery wrote:
hi
i install centos 6.7 trust with Windows 2008 r2 (User AD can not Login)
and get log in IPA SERVER file: /var/log/krb5kdc.log
domain IPA: l.infotechpsp.net
++
Sep 09 15:09:20 ipareplica.l.infotechpsp.net krb5kdc[1518](info): AS_REQ (4
et
On 5.9.2015 12:48, Günther J. Niederwimmer wrote:
> Hello,
>
> System CentOS 7.
>
> is it possible to change a certificate to add a subject alt name?
>
> My "Problem" is, I have a Mail Server with name smtp.example.com and the
> correct service certificates smtp/smtp.example.com & imap/example.
On 9.9.2015 07:09, Alexander Bokovoy wrote:
> On Wed, 09 Sep 2015, John Keates wrote:
>> So I was having a DNS mess the other day and decided to clean it up.
>> Before, I was running Unbound on pfSense which then had a domain
>> override to the IPA box. It would forward all queries and IPA-wise all
On 09/05/2015 09:12 PM, Mateusz Małek wrote:
W dniu 01.09.2015 o 13:27, Petr Vobornik pisze:
On 08/27/2015 05:17 AM, Mateusz Małek wrote:
We're trying to adjust FreeIPA to our environment... quite a bit. Here
are some bullet points:
(...)
For points 3, 5, 6 and to limit available choices in
Hi Alexander
IPv6 stack is disabled on my RHEL like distro, v 7 x64, but is enable on my
WIndows 2012.
I have read in a freeipa article to disable IPv6.
I've 2 Domain Controller with Windows Server 2012 and (at this time) one
new freeipa server, just installed, in the same network.
AD REALM is MY
Is there an equivalent host/computer default objectclasses that there is for
ipa config-mod -groupobjectclasses/--userobjectclasses ? We are wanting to add
some additional attributes to all of the servers, I'm able to add the object
class to individual servers but not sure on the procedure so t
On Wed, 09 Sep 2015, Morgan Marodin wrote:
Hi Alexander
IPv6 stack is disabled on my RHEL like distro, v 7 x64, but is enable on my
WIndows 2012.
I have read in a freeipa article to disable IPv6.
Sorry, and why you did decide to disable IPv6 stack? FreeIPA article
explicitly talks about not dis
Ok I've got a strange one going on. I just updated several machines to RHEL
6.7 and seem to have broken my sudo rules. I've tracked the problem down to
having
Default_domain_suffix = ad.domain
In the sssd.conf. If I remove that I can login using the fqn from AD and sudo
rules are applied as
I have a working IPA server and a working client config on an OpenSuse 13.2
with the following versions: nappali:~ # rpm -qa |grep sssd
sssd-tools-1.12.2-3.4.1.i586
sssd-krb5-1.12.2-3.4.1.i586
python-sssd-config-1.12.2-3.4.1.i586
sssd-ipa-1.12.2-3.4.1.i586
sssd-1.12.2-3.4.1.i586
sssd-dbus-1.12.2-3
Hello,
I was wondering if anyone has played with thee extended logging of IPA
and specifically SSSD and the kibana dashboards they put together.
https://www.freeipa.org/page/Centralized_Logging
I can't seem to get "clients" to send the login info
(https://www.freeipa.org/images/6/65/Rek-use
So to restore IPA I tried,
ipa-restore --data ipa-full-2015-09-10-10-28-11
and now I cannot loginopsie.
The admin user password doesnt work and neither do my own accounts.
NB I assume the flag --data restores the user data/HBAC rules etc?
regards
Steven
--
Manage your subscription
Thank you,
so it may work or may not work - we need to try such configuration first. I
hoped somebody already do this and may share the experience :)
BTW, I already do some part of this work before - for native IPA users it
works, but of cause, without HBAC.
WBR,
Alexander Frolushkin
Cell +7923
On Thu, 10 Sep 2015, Alexander Frolushkin wrote:
Thank you,
so it may work or may not work - we need to try such configuration
first. I hoped somebody already do this and may share the experience :)
BTW, I already do some part of this work before - for native IPA users
it works, but of cause, wi
Sorry, I've read ipv6.disable=1 in this article
http://www.freeipa.org/page/Active_Directory_trust_setup#Prerequisites, I
understood wrong this prerequisite and went directly to the next chapter,
in my mind I was conviced that IPv6 must be disabled :)
I will try with IPv6 enabled, and then I will
19 matches
Mail list logo