[Freeipa-users] Using 389-console with FreeIPA 3

I realize this question has been brought forth previously, but I am unable to find a clear answer. I have a 389-ds environment that is serving as an authentication back end for a python application. The plan was to use this as a kind of SSO for other future applications and we have MANY users/gro

[Freeipa-users] Duplicate objects after 4.1 ipa-server upgrade

After upgrading to 4.1 I have duplicated permission objects in my directory with names including nsuniqueid. Is it safe to delete all of these objects? Somehow this is only causing an issue for a specific user hitting a specific HBAC policy. (Mon Nov 2 14:29:23 2015) [sssd[be[blue-shift.com

Re: [Freeipa-users] Duplicate objects after 4.1 ipa-server upgrade

talk of a mechanism to just handle this on a regular basis (not that this situation should happen regularly)? > On Nov 3, 2015, at 1:42 AM, Martin Kosek wrote: > > On 11/03/2015 12:05 AM, Andrew Krause wrote: >> After upgrading to 4.1 I have duplicated permission objects

[Freeipa-users] 3/4 replica failure - unknown reasons why

Yesterday I came in to 3 of my 4 freeipa replicas in an unusable state and replication was not connecting any of the hosts to each other. My first/primary host was still servicing authentication requests, but the others were in varying states of usability. I’ve investigated logs on all 4 nodes

Re: [Freeipa-users] 3/4 replica failure - unknown reasons why

requests. The other 3 nodes are basically just a hot standby. At this point we’re hoping it was a fluke, we’ve tightened our monitoring and awareness since we have no way to explain the root cause. > On Nov 12, 2015, at 2:38 AM, thierry bordaz wrote: > > On 11/11/2015 04:20 P

[Freeipa-users] Freeipa web UI: An error has occurred (IPA Error 4302: CertificateFormatError)

-startStop-1 - [17/Apr/2017:10:11:53 CDT] [20] [1] SelfTestSubsystem: loading self test plugins in startup order 0.localhost-startStop-1 - [17/Apr/2017:10:11:53 CDT] [20] [1] SelfTestSubsystem: Self test plugins have been successfully loaded! 0.localhost-startStop-1 - [17/Apr/2017:10:11:53 CDT]

Re: [Freeipa-users] Freeipa web UI: An error has occurred (IPA Error 4302: CertificateFormatError)

Sorry for the self bump but no one has any insight on this? > On Apr 17, 2017, at 11:31 AM, Andrew Krause > wrote: > > Many hosts in our web ui show a null status for “enrolled”. When you do a > search that includes any of these host objects the web UI posts errors, and &g

Re: [Freeipa-users] Freeipa web UI: An error has occurred (IPA Error 4302: CertificateFormatError)

,dc=com))(entryusn>=20038636))" attrs="objectClass cn ipaUniqueID ipaEnabledFlag ipaSudoOpt ipaSudoRunAs ipaSudoRunAsGroup memberAllowCmd memberDenyCmd memberHost memberUser sudoNotAfter sudoNotBefore sudoOrder cmdCategory hostCategory userCategory ipaSudoRunAsUserCategory ipaS