[Freeipa-users] ipa automount bug?

Evening, I am trying to import some autos map from a file to FreeIPA LDAP and have noticed two problems that can be considered a bug in my humble opinion. This is on: ipa-server-4.2.0-15.0.1.el7 1. This either is a documentation bug that suggest one can specify a parent map while thats

Re: [Freeipa-users] ipa-replica-install fails because of IPv6?

Am 26.10.2016 um 16:27 schrieb Martin Basti: > > > > On 26.10.2016 16:10, Jochen Demmer wrote: >> Hi, >> >> my answers also inline. >> >> Am 26.10.2016 um 15:38 schrieb Martin Basti: >>> >>> Hi, comments inline >>> >>> >>> On 26.10.2016 14:28, Jochen Demmer wrote: Hi, I've been

Re: [Freeipa-users] ipa-replica-install fails because of IPv6?

On 26.10.2016 16:10, Jochen Demmer wrote: Hi, my answers also inline. Am 26.10.2016 um 15:38 schrieb Martin Basti: Hi, comments inline On 26.10.2016 14:28, Jochen Demmer wrote: Hi, I've been running and using a single FreeIPA server successfully, i.e.: Fedora 24

Re: [Freeipa-users] container for custom objects

Michael Ströder wrote: HI! I'd like to add some custom entries (custom STRUCTURAL object class) to FreeIPA tree in 389-DS. But I'd like to make sure that there won't be any issues when upgrading the system later on. So where to add a container for those custom objects? At top-level domain

[Freeipa-users] container for custom objects

HI! I'd like to add some custom entries (custom STRUCTURAL object class) to FreeIPA tree in 389-DS. But I'd like to make sure that there won't be any issues when upgrading the system later on. So where to add a container for those custom objects? At top-level domain entry? BTW: Is there

Re: [Freeipa-users] ipa-replica-install fails because of IPv6?

On 26.10.2016 17:25, Jochen Demmer wrote: Am 26.10.2016 um 16:48 schrieb Martin Basti: On 26.10.2016 16:42, Jochen Demmer wrote: Am 26.10.2016 um 16:27 schrieb Martin Basti: On 26.10.2016 16:10, Jochen Demmer wrote: Hi, my answers also inline. Am 26.10.2016 um 15:38 schrieb

Re: [Freeipa-users] ipa-replica-install fails because of IPv6?

Hi, my answers also inline. Am 26.10.2016 um 15:38 schrieb Martin Basti: > > Hi, comments inline > > > On 26.10.2016 14:28, Jochen Demmer wrote: >> Hi, >> >> I've been running and using a single FreeIPA server successfully, i.e.: >> Fedora 24 >> freeipa-server-4.3.2-2.fc24.x86_64 >> This server

Re: [Freeipa-users] ipa-replica-install fails because of IPv6?

On 26.10.2016 16:42, Jochen Demmer wrote: Am 26.10.2016 um 16:27 schrieb Martin Basti: On 26.10.2016 16:10, Jochen Demmer wrote: Hi, my answers also inline. Am 26.10.2016 um 15:38 schrieb Martin Basti: Hi, comments inline On 26.10.2016 14:28, Jochen Demmer wrote: Hi, I've been

[Freeipa-users] ipa-replica-prepare failing

While trying to run IPA replica prepare with debug, we see an unexplained failure. Debug seems to show the process running smoothly, then I see: "Certificate issuance failed". Looking at previous mail-archives, I see that someone has run into this before, however all permissions on

Re: [Freeipa-users] ipa-replica-prepare failing

On Wed, Oct 26, 2016 at 04:18:12PM -0700, Joshua Ruybal wrote: > While trying to run IPA replica prepare with debug, we see an unexplained > failure. > > Debug seems to show the process running smoothly, then I see: "Certificate > issuance failed". > > Looking at previous mail-archives, I see

[Freeipa-users] dns_tkey_negotiategss: failure GSSAPI error [...] Message stream modified.

Hello all, I'm still having problems with my IPA Client install... My errors aren't bringing up any meaningful results on Google, so I really appreciate any hints anyone might have! To narrow the scope of the problem, I simply rebuilt both the server and the client from scratch... This time

[Freeipa-users] rpm dependencies

hi all quick question - does IPA rpms depend on samaba's? I'm hoping I can remove samba-common but dnf fies a 46 packages long list of dependencies - is it somehow broken? If is not and that is 100% correct long chain of deps - then can samba be safely downgraded to 3.6.x ? given that IPA

[Freeipa-users] FreeIPA domains and sub-domains

Hi Everyone! If I have two networks, say A and B, and I want both to use the same FreeIPA server, should I have one Freeipa domain for network A and a sub-domain for network B, (domain.local and b.domain.local), or should I create two top level domains (a.local and b.local)? What's the

Re: [Freeipa-users] ipa-cacert-manage install failing with subject public key info mismatch

Does anybody have a clue on how to continue with this? Kind Regards, David 2016-10-24 10:10 GMT+02:00 David Dejaeghere : > These are both the subjects for the old and new root ca cert. > > Subject: "CN=tokio-PAPRIKA-CA,DC=tokio,DC=local" > Subject

[Freeipa-users] ipa-replica-install fails because of IPv6?

Hi, I've been running and using a single FreeIPA server successfully, i.e.: Fedora 24 freeipa-server-4.3.2-2.fc24.x86_64 This server is only available via IPv6, because I can't get public lPv4 addresses no more. Now I want to setup a FreeIPA replica at another site also running IPv6, Fedora 24

Re: [Freeipa-users] FreeIPA domains and sub-domains

On ke, 26 loka 2016, Ranbir wrote: Hi Everyone! If I have two networks, say A and B, and I want both to use the same FreeIPA server, should I have one Freeipa domain for network A and a sub-domain for network B, (domain.local and b.domain.local), or should I create two top level domains

Re: [Freeipa-users] ipa-replica-install fails because of IPv6?

Hi, comments inline On 26.10.2016 14:28, Jochen Demmer wrote: Hi, I've been running and using a single FreeIPA server successfully, i.e.: Fedora 24 freeipa-server-4.3.2-2.fc24.x86_64 This server is only available via IPv6, because I can't get public lPv4 addresses no more. Now I want to