Re: [Freeipa-users] sssd.service start operation timed out

On (20/03/16 13:00), Harald Dunkel wrote: >Hi Lukas, > >On 03/19/16 10:59, Lukas Slebodnik wrote: >> On (19/03/16 10:38), Harald Dunkel wrote: >> >>> Since freeipa doesn't work with anything else but systemd its a little bit >>> cheap now to say "not my problem", is it? >>> >> "freeipa-server"

Re: [Freeipa-users] Unable to authenticate

On (19/03/16 21:58), pgb205 wrote: >I have enabled debugging withdebug_level = 7 in sssd.conf >Receive following error messages:Marking server 'ipa-server' as 'name >resolved'[be_resolve_server_process] (0x0200): Found address for server >ipa-server >[get_port_status] (0x1000): Port status of

Re: [Freeipa-users] Directory Search Question

On 03/18/2016 09:21 PM, Randy Morgan wrote: > We have a FreeIPA Version 4.2 production installation that seems to have a > limitation we cannot figure out how to overcome. Users cannot search, from > the > gui, for a specific user. The only users who can perform a search for a > specific user

Re: [Freeipa-users] Certificate profiles and CA ACLs for service principals

On Tue, 22 Mar 2016, Fraser Tweedale wrote: On Fri, Mar 18, 2016 at 08:12:44PM +1100, earsdown wrote: Hi all, Firstly, a big thank you to everyone who works on the FreeIPA project - you guys are my heroes. Let's talk about the new Certificate Profile and CA ACL feature and some use cases that

[Freeipa-users] Announcing FreeIPA 4.2.4

The FreeIPA team would like to announce FreeIPA v4.2.4 bug fixing release! It can be downloaded from http://www.freeipa.org/page/Downloads. The builds are available for Fedora 23. https://bodhi.fedoraproject.org/updates/freeipa-4.2.4-1.fc23 This release notes are also available on

Re: [Freeipa-users] Tracking Login Times

Bob wrote: We currently have 18 master ODSEE servers that we use to provide authentication services to both Redhat, SuSE, and Solaris systems. We are looking to add IPA servers to environment. We have a requirement to track time of last authentication. With ODSEE, time of last

[Freeipa-users] Tracking Login Times

We currently have 18 master ODSEE servers that we use to provide authentication services to both Redhat, SuSE, and Solaris systems. We are looking to add IPA servers to environment. We have a requirement to track time of last authentication. With ODSEE, time of last authentication tracking is

[Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Hi there. I setup an IPA4.2.0 on RHEL7 service for our CS department on ipa.cs.ru.is(temporarily down) and ipa2.cs.ru.is I used StartSSL to sign our certificate for HTTP and LDAP usage because I didn't want our users to deal with the internal CA nor could we get the CA certificate signed. Problem

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Joseph Timothy Foley wrote: I just discovered that the certificate on ipa2.cs.ru.is is good to August, so I have a little bit of breathing room. That said, the ipa.cs.ru.is certificate will expire on March 23, so I need to update it. The process to get a new cert is pretty much the same as

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

I just discovered that the certificate on ipa2.cs.ru.is is good to August, so I have a little bit of breathing room. That said, the ipa.cs.ru.is certificate will expire on March 23, so I need to update it. -- Dr. Joseph T. Foley Assistant Professor, Reykjavik University