Re: [Freeipa-users] FreeIPA and LetsEncrypt Question

Hello All, Am Wednesday 02 December 2015, 21:10:31 schrieb Fraser Tweedale: > On Mon, Nov 30, 2015 at 02:46:13PM +0200, Alexander Bokovoy wrote: > > On Mon, 30 Nov 2015, Günther J. Niederwimmer wrote: > > >Hello , > > > > > >I have the question, know any from the FreeIPA "Gurus" ;-), are the new

[Freeipa-users] backup/restore best practices

What does everyone do for backup/restore of their IPA infrastructure? I've read over the backup and restore on freeipa.org just want some real world application out there. Right now all of our backups are done at the SAN level. We snap the SAN aggregate containing the VMs and have those

Re: [Freeipa-users] Documentation on the JSON format for ipa-web?

Hmm, I've made a few tests against JSON API and the API browser was available. I've used RHEL 7.2 and so I expect CentOS 7.2 contaning the API browser. Oliver Am 01.12.2015 um 19:41 schrieb Marc Boorshtein: IPA 4.2 has an experimental API browser in the GUI, IPA Server -> API browser.

Re: [Freeipa-users] Documentation on the JSON format for ipa-web?

I did an upgrade yesterday and was still at 7.1 so i don't think 7.2 has been officially released. Marc Boorshtein CTO Tremolo Security marc.boorsht...@tremolosecurity.com (703) 828-4902 On Wed, Dec 2, 2015 at 1:57 PM, Oliver Dörr wrote: > Hmm, > > I've made a few tests

[Freeipa-users] Sudo question

Hi All, I have a significant amount of time on this and hoping some of you might have an idea. I want to limit user bob from getting to a root prompt on this test box. It seems to work until bob is able to run a command he is allowed via sudo such as cat. Sudo -i is on the deny command list

Re: [Freeipa-users] Documentation on the JSON format for ipa-web?

On 12/01/2015 07:56 PM, Marc Boorshtein wrote: Great. Doesn't look like its made it into CentOS yet (still at 7.1). OK, going to go ahead and get it running on Fedora 23. Thanks Marc Boorshtein CTO Tremolo Security marc.boorsht...@tremolosecurity.com (703) 828-4902 On Tue, Dec 1, 2015 at

Re: [Freeipa-users] FreeIPA and LetsEncrypt Question

On Mon, Nov 30, 2015 at 02:46:13PM +0200, Alexander Bokovoy wrote: > On Mon, 30 Nov 2015, Günther J. Niederwimmer wrote: > >Hello , > > > >I have the question, know any from the FreeIPA "Gurus" ;-), are the new > >upcoming LetsEncrypt Certificates compatible and working with FreeIPA? > We have

Re: [Freeipa-users] FreeIPA and LetsEncrypt Question

Have a look at a recent thread that I had started. You might be able to do it manually for http/ldap certs. However, there were some issues which I haven't figured out yet. You might have better luck. Anyone should be able to try it out given that LE enters public beta in a couple of days. On

Re: [Freeipa-users] Documentation on the JSON format for ipa-web?

Rob & Martin, Thanks. This is a great resource. Is there a way to generate sample JSONs for each command? For instance, when I make a call to user_search, I use the following: String lookupjson = "{\"method\":\"batch\",\"params\":[[{\"method\":\"user_show\",\"params\":[[\"" + userID +

Re: [Freeipa-users] Documentation on the JSON format for ipa-web?

On Wed, 02 Dec 2015, Marc Boorshtein wrote: Rob & Martin, Thanks. This is a great resource. Is there a way to generate sample JSONs for each command? For instance, when I make a call to user_search, I use the following: String lookupjson =

Re: [Freeipa-users] Documentation on the JSON format for ipa-web?

> > just use 'ipa -vv user-show ...' to see formatted JSON. > excellent > Did you read my article? > https://vda.li/en/posts/2015/05/28/talking-to-freeipa-api-with-sessions/ > > I hadn't, but this is exactly what I'm looking for. Perfect, this will help me clean up my implementation nicely.