"Molnár Domokos" írta:
>On 09/14/2015 03:08 PM, Pavel Březina wrote:
>>On 09/11/2015 02:40 PM, Molnár Domokos wrote:
>>>Full log attached.
>>>"Molnár Domokos" írta:
>>>
>>>
>>>"Pavel Březina" írta:
>>>
>>>On 09/09/2015 09:31 PM, Molnár Domokos wrote:
>>> > I have a workin
Jakub Hrozek írta:
>On Tue, Sep 15, 2015 at 07:25:17AM +0200, Molnár Domokos wrote:
>> On 09/14/2015 03:08 PM, Pavel Březina wrote:
>> >On 09/11/2015 02:40 PM, Molnár Domokos wrote:
>>
>> >>Full log attached.
>> >>"Molnár Domokos" írta:
>> >>
>> >>
>> >>"Pavel Březina" írta:
>> >>
>> >>
On 15.9.2015 03:29, Nathan Peters wrote:
> I think it was not having dynamic updates enabled for the reverse zone. I
Yes, that is it. See
https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/SyncPTR
for more details.
> enabled those and PTR sync on both the forward and reverse and now it seems to
On Tue, Sep 15, 2015 at 09:13:09AM +0200, Molnár Domokos wrote:
>
> Jakub Hrozek írta:
> >On Tue, Sep 15, 2015 at 07:25:17AM +0200, Molnár Domokos wrote:
> >> On 09/14/2015 03:08 PM, Pavel Březina wrote:
> >> >On 09/11/2015 02:40 PM, Molnár Domokos wrote:
> >>
> >> >>Full log attached.
> >> >>"
Jakub Hrozek írta:
>On Tue, Sep 15, 2015 at 09:13:09AM +0200, Molnár Domokos wrote:
>>
>> Jakub Hrozek írta:
>> >On Tue, Sep 15, 2015 at 07:25:17AM +0200, Molnár Domokos wrote:
>> >> On 09/14/2015 03:08 PM, Pavel Březina wrote:
>> >> >On 09/11/2015 02:40 PM, Molnár Domokos wrote:
>> >>
>> >>
On Mon, Sep 14, 2015 at 09:59:40AM +0200, Jan Pazdziora wrote:
> On Sat, Sep 12, 2015 at 03:14:35PM +0200, Natxo Asenjo wrote:
> > On Sat, Sep 12, 2015 at 12:18 PM, Natxo Asenjo
> > wrote:
> >
> > > on a a centos 7.1 host when enrolling it with (among other) the switch
> > > --request-cert it doe
On Sat, 2015-09-12 at 08:57 -0400, Brian J. Murrell wrote:
> Due to the bug in mod_nss that prevents SNI from functioning (i.e.
> limits a port to a single certificate) I need to add SANs
> (SubjectAltName) to the certificate that freeipa created for the
> webserver (Server-Cert) so that I can add
On Tue, 15 Sep 2015, Molnár Domokos wrote:
#hostnamectl set-hostname nappali.silva
on modern systems.
doma@nappali:/home/doma> hostname --fqdn
nappali.szilva
doma@nappali:/home/doma> su
Password:
nappali:/home/doma # hostnamectl set-hostname nappali.szilva
nappali:/home/doma # hostname
nappali
On 09/15/2015 12:35 PM, Brian J. Murrell wrote:
> On Sat, 2015-09-12 at 08:57 -0400, Brian J. Murrell wrote:
>> Due to the bug in mod_nss that prevents SNI from functioning (i.e.
>> limits a port to a single certificate) I need to add SANs
>> (SubjectAltName) to the certificate that freeipa created
On Tue, 2015-09-15 at 13:01 +0200, Martin Kosek wrote:
> BTW, there was related thread on freeipa-users in the past, with some
> links to
> related information:
>
> https://www.redhat.com/archives/freeipa-users/2012-June/msg00216.html
So this writeup seems to ignore the fact that Apache and the
c
On Tue, Sep 15, 2015 at 01:58:07PM +0300, Alexander Bokovoy wrote:
> On Tue, 15 Sep 2015, Molnár Domokos wrote:
> >>#hostnamectl set-hostname nappali.silva
> >>on modern systems.
> >>
> >>>doma@nappali:/home/doma> hostname --fqdn
> >>>nappali.szilva
> >doma@nappali:/home/doma> su
> >Password:
> >na
I just updated several machines to RHEL 6.7 and seem to have broken my sudo
rules. I've tracked the problem down to having
Default_domain_suffix = ad.domain
In the sssd.conf. If I remove that I can login using the fqn from AD and sudo
rules are applied as configured. However I don't want to
Sorry for not replying sooner, many of us were mostly offline last week.
I'll try to reproduce locally..
On Tue, Sep 15, 2015 at 12:24:45PM +, Andy Thompson wrote:
> I just updated several machines to RHEL 6.7 and seem to have broken my sudo
> rules. I've tracked the problem down to having
On 09/15/2015 01:37 PM, Jakub Hrozek wrote:
>On Tue, Sep 15, 2015 at 01:58:07PM +0300, Alexander Bokovoy wrote:
>>On Tue, 15 Sep 2015, Molnár Domokos wrote:
#hostnamectl set-hostname nappali.silva on modern systems.
>doma@nappali:/home/doma> hostname --fqdn nappali.szilva
>>>doma@n
So, here is the recap :
I migrate a single IPA server Centos 6.6 to dual IP server Centos 7.1. The
PKI was only installed on server two.
Everything was working fine, replication OK, new enrollements OK,
authentication with Kerberos and LDAP OK.
After some time, I discover that pki tomcatd service d
Hello list.
I'm trying to make a test deploy of FreeIPA, and I was wondering if it
is possible to authenticate remote sites via LDAP by havong a partial
replica based on saome filter (maybe a group, an attribute or similar).
Sorry if this is a silly question, but I am trying to explore the
po
Hi,
I am in a similar boat, well RHEL6.7 to RHEL7.1. I joined a RHEL7.1 / IPA4.1
to the 6.7 / IPA3.0 --self-cert domain, got rid of all the 6.7's so I was
ca-less. Did a full backup on the RHEL7.1 / IPA 4.1. Blew away the ipa
server, installed fresh, pki-tomcat runs, did a restore and pki-t
17 matches
Mail list logo