Re: [Freeipa-users] Unable to get new certificates after upgrade

I re-run the upgrade script and that fixed it. Thank you very much Alexander! On 27 February 2016 at 21:46, Alessandro De Maria < alessandro.dema...@gmail.com> wrote: > Yes that looks exactly like it, thank you. > Are you aware of a workaround available? Like changing manually the CS.cfg? > > >

Re: [Freeipa-users] Unable to get new certificates after upgrade

great that explains a lot! Thank you. My hunt for > 4.2.0 was just because in the release note for 4.2.1 it had: - Various fixes for new Certificates Profiles feature So I immediately assumed the problem I might be experiencing could be fixed by an upgrade (I have tried everything else I

Re: [Freeipa-users] Unable to get new certificates after upgrade

On Sat, 27 Feb 2016, Alessandro De Maria wrote: great that explains a lot! Thank you. My hunt for > 4.2.0 was just because in the release note for 4.2.1 it had: - Various fixes for new Certificates Profiles feature So I immediately assumed the problem I might be experiencing could be fixed

Re: [Freeipa-users] Unable to get new certificates after upgrade

Yes that looks exactly like it, thank you. Are you aware of a workaround available? Like changing manually the CS.cfg? On 27 February 2016 at 21:40, Alexander Bokovoy wrote: > On Sat, 27 Feb 2016, Alessandro De Maria wrote: > >> great that explains a lot! Thank you. >> >>

[Freeipa-users] Unable to get new certificates after upgrade

Hello list, I was running freeipa 4.1 on Centos 7.1. I wanted to upgrade to freeipa 4.2.x to make use of user certificates. Upgrade (through yum upgrade) went ok and I am now on version: Name: ipa-server Version : 4.2.0 Release : 15.el7_2.6 However I am unable to generate new

Re: [Freeipa-users] Unable to get new certificates after upgrade

On Sat, 27 Feb 2016, Alessandro De Maria wrote: Hello list, I was running freeipa 4.1 on Centos 7.1. I wanted to upgrade to freeipa 4.2.x to make use of user certificates. Upgrade (through yum upgrade) went ok and I am now on version: Name: ipa-server Version : 4.2.0 Release :

Re: [Freeipa-users] Error joining domain: tstream_npa_connect_recv to /run/samba/ncalrpc/np for pipe lsarpc

Hi Alexander Thanks for your reply... The problem here was apparently SELinux, after setting: setsebool -P samba_load_libgfapi 1 setsebool -P samba_portmapper 1 The lsasd deamon was able to startup correctly... Now I'm faced with another issue: ACCESS DENIED (granted: 0x0201; required:

Re: [Freeipa-users] Recovering from data-only backup doesn't recover Kerberos keys properly

On (24/02/16 14:28), Marat Vyshegorodtsev wrote: >> Are you just toying with this or did something go horribly wrong and >you're trying to restore a production environment? > >This. :-( > >I have actually rebuilt the environment from scratch, then wrote a >perl script that just recreated all users

[Freeipa-users] Error joining domain: tstream_npa_connect_recv to /run/samba/ncalrpc/np for pipe lsarpc

Hi guys I have setup a NT4 Domain, using Freeipa as a ipasam backend... Normal user authentication and shares seems to work, but i'm getting an error when trying to join a Windows 7 machine to the domain (see below)... To me it seems to be the same error as here:

Re: [Freeipa-users] Error joining domain: tstream_npa_connect_recv to /run/samba/ncalrpc/np for pipe lsarpc

On Sat, 27 Feb 2016, Martin Juhl wrote: Hi guys I have setup a NT4 Domain, using Freeipa as a ipasam backend... Normal user authentication and shares seems to work, but i'm getting an error when trying to join a Windows 7 machine to the domain (see below)... To me it seems to be the same