[Freeipa-users] mysql connection has been blocked by sss_ssh_knownhostsproxy

2017-05-17 Thread Matrix
There is a weird issue occurred with sss_ssh_knownhostsproxy. I am not sure it is within the coverage of IPA mail-list. but want to get some suggestions from your side Background: server A running with mysql database. And it will simultaneously send a 1.3GB file to 14 clients. With

Re: [Freeipa-users] Freeipa and limiting access by group (memberOf)

2017-05-17 Thread Jakub Hrozek
On Tue, May 16, 2017 at 07:56:38AM -0600, Janet Houser wrote: > Hi Folks, > > Last week I deployed freeipa on a CentOS7 VM. The installation went very > smoothly using: > > yum install ipa-server > > and > > ipa-server-install > > > My issue is with connecting a CentOS 7 client.

Re: [Freeipa-users] CentOS patch management on FreeIPA server

2017-05-17 Thread Christophe TREFOIS
Hi, I think yum update is fine, just don’t do it at the same time. It’s written somewhere in the docs that this could lead to crappy outcome. Also, Lachlan, how do you do backups of FreeIPA? -- Dr Christophe Trefois, Dipl.-Ing. Technical Specialist / Post-Doc UNIVERSITÉ DU LUXEMBOURG

Re: [Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

2017-05-17 Thread Robert L. Harris
Ok, I reverted to a completely fresh install, literally just after the first reboot. It installed cleanly. So there's something in a package upgrade that's breaking things. I may try to figure it out later. On Tue, May 16, 2017 at 3:08 PM Dagan McGregor wrote: > On 17 May

Re: [Freeipa-users] CentOS patch management on FreeIPA server

2017-05-17 Thread Lakshan Jayasekara
Hi Chris, Thanks for the update. Pl let me know any sort of configuration backup can be taken for IPA server. Also let me know the sequence of updating the systems, as I have IPA servers and a replica server in my infrastructure. These are virtual servers and backing up before updating. Best

Re: [Freeipa-users] CentOS patch management on FreeIPA server

2017-05-17 Thread Lachlan Musicman
On 17 May 2017 at 15:23, Lakshan Jayasekara < lakshan.jayasek...@lankaclear.com> wrote: > > Hi All, > > > > I’m using FreeIPA server VERSION: 4.4.0, API_VERSION: 2.213 and running on CentOS 7 and have one replica server as well. I need to patch up centos system as per PCI DSS compliance. Let me

Re: [Freeipa-users] Password and OTP auth

2017-05-17 Thread Andrey Dudin
Hello If I do ipa user-mod test --user-auth-type=password --user-auth-type=otp I have user: [root@ipa-centos]# ipa user-show test User login: test First name: test Last name: test Home directory: /home/test Login shell: /bin/sh Principal name: t...@mydomain.com Principal alias:

Re: [Freeipa-users] Password and OTP auth

2017-05-17 Thread Sumit Bose
On Tue, May 16, 2017 at 06:05:06PM +0300, Andrey Dudin wrote: > Thanks, but I think I have a problem. > > I have test user: > > [root@ipa-centos]# ipa user-show test > User login: test > First name: test > Last name: test > Home directory: /home/test > Login shell: /bin/sh >