[Freeipa-users] Read-only replicas?

2017-03-13 Thread Stephen
Is there read-only replica support in FreeIPA? The use case is a DMZ. Thanks... -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Question about ipa user accounts and the compat container

2017-03-13 Thread Alexander Bokovoy
On Sun, 12 Mar 2017, Robert Johnson wrote: On Sun, Mar 12, 2017 at 4:45 PM, Alexander Bokovoy wrote: On Sun, 12 Mar 2017, Robert Johnson wrote: Sorry I should have given some more information. We are trying to allow the users from the trusted Windows domain to

Re: [Freeipa-users] ldap tree: etc-location & ca-cas

2017-03-13 Thread Martin Basti
On 11.03.2017 14:11, lejeczek wrote: > hi everyone > > my domain seems ok but I've decided to watch it closely on a more > regular basis and am in the process of learning the tree. > I found a few +nsuniqueid and I wonder: is there a relation (surely > is, but how critical) between etc-location &

Re: [Freeipa-users] install freeipa amazon Linux

2017-03-13 Thread Lukas Slebodnik
On (13/03/17 00:16), barry...@gmail.com wrote: >Hi: > >Does anyone have experience installing FreeIPA on Amazon Linux, based on Fedora? > >I tried installing the repo myself but it fails, only saying no such freeipa > >Which repo should I use... I already tried many different sources, still fails. > >It seems it has its own amaz

Re: [Freeipa-users] SSSD bug found? FreeIPA vs SSSD

2017-03-13 Thread Lachlan Musicman
I am still having problems with FreeIPA/HBAC, SSSD and logging into hosts. Could this be the reason that SSSD isn't picking up the full list of groups a user belongs to? In particular, ipa hbac test says true. "id domain\\username" or "id username@domain" returns the correct groups. But the

Re: [Freeipa-users] Add host to hostgroup in ipa-client-add

2017-03-13 Thread Orion Poplawski
On 03/10/2017 10:52 PM, Alexander Bokovoy wrote: > On Fri, 10 Mar 2017, Orion Poplawski wrote: >> I'm using ipa-client-add with --unattended and an OTP to enroll machines at >> install time. I'd like to be able to add them to a particular hostgroup at >> the same time to avoid having to do that