Re: [Freeipa-users] Ubuntu 16.04 released with FreeIPA 4.3.1

2016-08-29 Thread Timo Aaltonen
On 21.04.2016 22:01, Timo Aaltonen wrote: > > ps. Debian unstable will have 4.3.1 once the package has gone through > the NEW queue because the packaging got split in certain ways No it did not, because the ftpmaster rejected the upload since it ships with minified javascript which is not consider

Re: [Freeipa-users] LDAP only seems to allow anonymous access

2016-08-29 Thread Harry Kashouli
This is the error I get: ldapsearch -LLL GSSAPI -b cn=users,cn=accounts,$REALM uid=admin SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available: -Harry On 28 August 2016 at 08:01, Rob Critten

Re: [Freeipa-users] LDAP only seems to allow anonymous access

2016-08-29 Thread Alexander Bokovoy
On Mon, 29 Aug 2016, Harry Kashouli wrote: This is the error I get: ldapsearch -LLL GSSAPI -b cn=users,cn=accounts,$REALM uid=admin SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available: Yo

Re: [Freeipa-users] LDAP only seems to allow anonymous access

2016-08-29 Thread Alexander Bokovoy
Don't answer directly, answer to the list. On Mon, 29 Aug 2016, Harry Kashouli wrote: Gotcha, updated error below: $ldapsearch -LLL -Y GSSAPI -b cn=users,cn=accounts,$REALM uid=admin SASL/GSSAPI authentication started SASL username: ad...@outland.zsazouli.com SASL SSF: 56 SASL data security lay

Re: [Freeipa-users] LDAP only seems to allow anonymous access

2016-08-29 Thread Harry Kashouli
Sorry, I missed adding the mailing list, added now. Ah, I'll bear that in mind about authentication prior to 4.4. I have 4.3.1 on Fedora 24 right now. I'm using anonymous authentication for now, for my various situations such as Jira/etc, and it seems to work, and I'll try again in 4.4 with variou

[Freeipa-users] Delegated administration use case

2016-08-29 Thread Deepak Dimri
My IPA server has a bunch of IPA-clients registered with it, I have done department/product wise grouping of my ipa clients and users. Example: for business unit1 (BU1) I have "BU1UserGroup" and "BU1HostGroup" similarly for BU2 it's "BU2UserGroup" & "BU2HostGroup". Now I want to have department w

Re: [Freeipa-users] Freeipa 4.2.0 hangs intermittently

2016-08-29 Thread Rakesh Rajasekharan
Hi Thierry, Coz of the issues we had to revert back to earlier running openldap in production. I have now done a few TCP related changes in sysctl.conf and have also increased the nsslapd-dbcachesize and nsslapd-cachememsize to 200MB I will again start migrating hosts back to IPA and see if I fa

Re: [Freeipa-users] Freeipa 4.2.0 hangs intermittently

2016-08-29 Thread Rakesh Rajasekharan
I tried increasing the nsslapd-dbcachesize and nsslapd-cachememsize in my QA envs to 200MB. However, in my log files, I still see this message [29/Aug/2016:04:34:37 +] - WARNING: ipaca: entry cache size 10485760B is less than db size 11599872B; We recommend to increase the entry cache size nss

Re: [Freeipa-users] Freeipa 4.2.0 hangs intermittently

2016-08-29 Thread thierry bordaz
Hi Rakesh, Those tunings may depend on the memory available on your machine. nsslapd-cachememsize allows the entry cache to consume up to 200Mb but its memory footprint is known to go above. 200Mb both looks pretty good to me. How large is your machine? What is your version of 389-ds? Those

Re: [Freeipa-users] Freeipa 4.2.0 hangs intermittently

2016-08-29 Thread Rakesh Rajasekharan
Hi Thierry, My machine has 30GB RAM ..and 389-ds version is 1.3.4 ldapsearch shows the values for nsslapd-cachememsize updated to 200MB. ldapsearch -LLL -o ldif-wrap=no -D "cn=directory manager" -w 'mypassword' -b 'cn=userRoot,cn=ldbm database,cn=plugins,cn=config'|grep nsslapd-cachememsize nss

Re: [Freeipa-users] Cleaning Up an Unholy Mess

2016-08-29 Thread Ian Harding
On 08/25/2016 03:10 PM, Mark Reynolds wrote: > > > On 08/25/2016 02:04 PM, Ian Harding wrote: >> >> On 08/25/2016 10:41 AM, Rob Crittenden wrote: >>> Ian Harding wrote: On 08/24/2016 06:33 PM, Rob Crittenden wrote: > Ian Harding wrote: >> I tried to simply uninstall and reinst

Re: [Freeipa-users] Delegated Administration in IPA

2016-08-29 Thread Deepak Dimri
**adding FreeIPA-Users*** Hi Alexander, I was referring to your below reply regarding managing the access (adding and deleting etc) for only those hosts which are part of a particular hostgroup - you mentioned I can do that using "additional target filter based on the hostgroup membership."

Re: [Freeipa-users] Freeipa 4.2.0 hangs intermittently

2016-08-29 Thread Rich Megginson
On 08/29/2016 10:53 AM, Rakesh Rajasekharan wrote: Hi Thierry, My machine has 30GB RAM ..and 389-ds version is 1.3.4 ldapsearch shows the values for nsslapd-cachememsize updated to 200MB. ldapsearch -LLL -o ldif-wrap=no -D "cn=directory manager" -w 'mypassword' -b 'cn=userRoot,cn=ldbm datab

Re: [Freeipa-users] Cleaning Up an Unholy Mess

2016-08-29 Thread Mark Reynolds
On 08/29/2016 12:48 PM, Ian Harding wrote: > > On 08/25/2016 03:10 PM, Mark Reynolds wrote: >> >> On 08/25/2016 02:04 PM, Ian Harding wrote: >>> On 08/25/2016 10:41 AM, Rob Crittenden wrote: Ian Harding wrote: > On 08/24/2016 06:33 PM, Rob Crittenden wrote: >> Ian Harding wrote:

[Freeipa-users] Permission not working as expected

2016-08-29 Thread Deepak Dimri
Hi All, I have created below permission for my "testhostgroup" with the expectation that this permission will only allow write permission to the members of "testhostgroup" but, then it allows me to add/delete other hostgroup members as well. I tried changing the effective attribute to "memberof"

Re: [Freeipa-users] ipa-replica-install fails with python import error for module ssl_match_hostname

2016-08-29 Thread White Hat
The exact same error is in the /var/log/ipareplica-install log Here are the last few relevant lines. File "/usr/lib/python2.7/site-packages/ipalib/plugins/otptoken.py", line 28, in from backports.ssl_match_hostname import match_hostname 2016-08-11T03:53:02Z DEBUG The ipa-replica-install c

Re: [Freeipa-users] Permission not working as expected

2016-08-29 Thread Alexander Bokovoy
On Mon, 29 Aug 2016, Deepak Dimri wrote: Hi All, I have created below permission for my "testhostgroup" with the expectation that this permission will only allow write permission to the members of "testhostgroup" but, then it allows me to add/delete other hostgroup members as well. I tried changi

Re: [Freeipa-users] Permission not working as expected

2016-08-29 Thread Alexander Bokovoy
On Tue, 30 Aug 2016, Alexander Bokovoy wrote: On Mon, 29 Aug 2016, Deepak Dimri wrote: Hi All, I have created below permission for my "testhostgroup" with the expectation that this permission will only allow write permission to the members of "testhostgroup" but, then it allows me to add/delete

[Freeipa-users] size of DIRSRV database file

2016-08-29 Thread Marisa Sandhoff
Dear all, our freeipa (4.1.4) environment manages about 60 users and 250 hosts. Trying to find out why the disk of our freeipa server is getting tight, we saw that the database files [root@ipa cldb]# ls -lh total 4.9G -rw--- 1 dirsrv dirsrv 32M Aug 30 08:10 9b098085-8a0c11e5-b48de780-506eaf