ma Settings
Group Members Attribute: member
User Membership Attribute: member (This is not used due to the next option)
User the User Membership Attribute: (Ensure this is unchecked, it is not
supported)
Now save and test using the user who is in the groups created above.
Hope this
ed unexpected status: Authorization Required'. Do I need to
store the details of the failed login so that I can authorize my RPC?
Is there any documentation on the FreeIPA XMLRPC which I can read? I
have the API, but no more. I had to dig into the apache configuration
to find the domain path context
Hi,
Thanks for your replies.
On Fri, Oct 30, 2009 at 09:29, Rob Crittenden wrote:
> Jason Gerard DeRose wrote:
>>
>> On Thu, 2009-10-29 at 17:56 -0400, Dan Scott wrote:
>>>
>>> Hi,
>>>
>>> I'm trying to integrate FreeIPA with a Java w
Sorry, forgot to copy everyone else in.
Dan
-- Forwarded message --
From: Dan Scott
Date: Fri, Oct 30, 2009 at 18:15
Subject: Re: [Freeipa-users] Library to change expired password
To: Rob Crittenden
Hi,
On Fri, Oct 30, 2009 at 17:42, Rob Crittenden wrote:
> Dan Sc
On Sat, Oct 31, 2009 at 12:50, Simo Sorce wrote:
> On Fri, 2009-10-30 at 18:16 -0400, Dan Scott wrote:
>> OK, that makes sense, thanks. But there's still one thing I don't
>> really understand. How do the ipa tools obtain a ticket for the RPC
>> when the passw
Sorry again, forgot to CC the mailing list.
Dan
On Tue, Nov 3, 2009 at 16:10, Dan Scott wrote:
> Hi,
>
> On Mon, Nov 2, 2009 at 07:33, Simo Sorce wrote:
>> On Sun, 2009-11-01 at 22:26 -0500, Dan Scott wrote:
>>> On Sat, Oct 31, 2009 at 12:50, Simo Sorce wrote:
>&g
Generally, I've found that this is caused by incorrect DNS records.
Make sure that your A and PTR records are correct for this host.
One other thing, you should be able to run ipa-getkeytab directly on the client.
Hope this helps,
Dan Scott
http://danieljamesscott.org
On Wed, Dec 9, 2009
able to authenticate to
C.B.EXAMPLE.COM, but not the other way around (This is how I would
like it setup).
However, this does not appear to work. I assume that I need to add
some entries to the LDAP server as well? Does anyone know if this is
true and if so, how I should go about it?
Thanks,
Dan
Hi,
On Fri, Dec 18, 2009 at 13:40, Nalin Dahyabhai wrote:
> On Fri, Dec 18, 2009 at 12:31:44PM -0500, Dan Scott wrote:
>> I have added these principals to both FreeIPA servers:
>>
>> krbtgt/c.b.example@a.example.com
>>
>> (I see the warning in the FreeIPA doc
any error occurs
before the error message above is displayed.
Thanks,
Dan Scott
http://danieljamesscott.org
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Sorry, there was an error in my DNS configuration. The TXT entry for
_kerberos was incorrect.
Dan
On Wed, Jan 6, 2010 at 09:50, Dan Scott wrote:
> Hi,
>
> I've just tried to add an new Fedora 12 PC to our FreeIPA realm and I
> received the following error:
>
> [r..
ce in
crond quiet use_uid
session required pam_unix.so
session optional pam_krb5.so
[r...@pc45 ~]#
Does anyone have any suggestions for why this is not working?
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redha
chine. I used to
run "/etc/init.d/nscd reload" for nscd, but this does not appear to
work for sssd.
I've read through the SSSD howto:
https://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2
but this does not mention clearing the cache - only how to se
27;id' command.
Maybe the cache was corrupted?
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Can anyone explain the role of krb5.conf and sssd.conf and provide any
ideas for why I cannot authenticate against fileserver2?
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
dancy works. Can I have 2 krb5_kdcip entries? If I set it to one
or the other then the redundant server won't work, will it?
UPDATE: Have just received Jakub Hrozek email (Thanks Jakub). Adding
fileserver1, fileserver2 appears to have fixed the problem
ling, I found this:
http://directory.fedoraproject.org/wiki/Subtree_Rename#warning:_upgrade_from_389_v1.2.6_.28a.3F.2C_rc1_.7E_rc6.29_to_v1.2.6_rc6_or_newer
Which could well apply in my case, but I wanted to check to ensure
that this would apply to FreeIPA.
Does anyone have any comments suggestions about
ed
in 389-ds-base-1.2.6.rc7 (I'm not sure whether that's earlier or later
than 389-ds-base-1.2.6-0.1.a1 - an alpha?). Hopefully there will be an
update soon, and this will resolve the problem.
Thanks,
Dan
On Wed, Aug 11, 2010 at 12:26, Rob Crittenden wrote:
> Dan Scott wrote:
>&g
/Subtree_Rename#warning:_upgrade_from_389_v1.2.6_.28a.3F.2C_rc1_.7E_rc6.29_to_v1.2.6_rc6_or_newer
The dirsrv process started correctly and started answering requests.
Looking good so far.
I guess it's time to consider upgrading the master from Fedora 11. :)
At lea
entry of
instance userRoot.
The krb5kdc service fails to start at all.
Does anyone have any ideas for how to fix this?
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Hi,
Thanks for the reply. It's been upgraded from F12:
On Thu, Sep 16, 2010 at 15:49, Rich Megginson wrote:
> Dan Scott wrote:
>> This morning, I installed 389-base-1.2.6-1.fc13.x86_64 package on our
>> Fedora 13 replica FreeIPA server (Update made available yesterday).
>
erent error, sorry.
Thanks for your help,
Dan
On Thu, Sep 16, 2010 at 16:15, Rich Megginson wrote:
> Dan Scott wrote:
>>
>> Hi,
>>
>> Thanks for the reply. It's been upgraded from F12:
>>
>> On Thu, Sep 16, 2010 at 15:49, Rich Megginson wrote:
>>
r? Or will
the slave server replicate my new server and lose everything?
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
meTocurie.example.com636" (curie:636): Beginning linger on
the connection
[22/Sep/2010:10:48:44 -0400] NSMMReplicationPlugin -
agmt="cn=meTocurie.example.com636" (curie:636): State: sending_updates
-> start_backoff
curie is the replicated server.
Does anyone have any suggestio
'initialized' means. Do you mean that replication
has not been configured? This server has been replicating fine for
over a year.
According to this:
http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/sect-Installation_and_Deployment_Guide-Setting_up_Multi_Mast
m with dirsrv which lasted for a week though.
> Does the ipa-replica-manage command line tool have an option for doing a
> reinit?
I see that there's an 'init' option. If I'm happy to throw away any
changes on curie, can I just run the init on curie and it will
re-ini
Excellent, that seems to have solved it, thanks.
Dan
On Wed, Sep 22, 2010 at 13:32, Rob Crittenden wrote:
> Dan Scott wrote:
>>
>> Hi,
>>
>> Sorry, I just checked the manpage myself and I see that there's an
>> init option to ipa-replica-manage.
>
d synch to try to fix the
replication, but I suspect this has something to do with the schema
definition.
Does anyone have any pointers/ideas for how I can fix this?
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.re
Hi,
On Wed, Oct 6, 2010 at 11:32, Simo Sorce wrote:
> On Wed, 6 Oct 2010 10:26:48 -0400
> Dan Scott wrote:
>
>> Hi,
>>
>> I have master and slave FreeIPA servers. I recently upgraded the slave
>> by wiping, re-installing Fedora 13 and re-creating the replication
Hi,
ohm_admins.ldif and curie_admins.ldif attached. I added a '-h
$hostname' to the command to ensure that I queried both servers. The
results look identical to me, apart from the ordering.
Thanks,
Dan
On Wed, Oct 6, 2010 at 15:34, Rob Crittenden wrote:
> Dan Scott wrote:
>&
r to be correct on both servers. Both ohm
and curie have groups which contain the correct 'member' attributes.
So the problem appears to be that ohm contains groups with correct
'members', but none of the users have any 'memberOf's.
Thanks,
Dan
On Wed, Oct 6, 2010
Hi,
On Wed, Oct 6, 2010 at 18:30, Rich Megginson wrote:
> Dan Scott wrote:
>>
>> I'm not sure which group this is referring to. Admins only contains 3
>> users, no nested groups.
>>
>> The problem appears to be related to the users, rather than the
>
Hi,
On Wed, Oct 6, 2010 at 19:29, Nathan Kinder wrote:
> On 10/06/2010 03:08 PM, Dan Scott wrote:
>>
>> I'm not sure which group this is referring to. Admins only contains 3
>> users, no nested groups.
>>
>
> Do any other groups have a "member" att
On Wed, Oct 6, 2010 at 22:02, Rich Megginson wrote:
> Dan Scott wrote:
>>
>> Hi,
>>
>> On Wed, Oct 6, 2010 at 18:30, Rich Megginson wrote:
>>
>>>
>>> Dan Scott wrote:
>>>
>>>>
>>>> I'm not sure which group
On Thu, Oct 7, 2010 at 10:20, Rich Megginson wrote:
> Dan Scott wrote:
>>
>> On Wed, Oct 6, 2010 at 22:02, Rich Megginson wrote:
>>
>>>
>>> Dan Scott wrote:
>>>
>>>>
>>>> Hi,
>>>>
>>>>
On Thu, Oct 7, 2010 at 10:58, Rob Crittenden wrote:
> Dan Scott wrote:
>>
>> On Thu, Oct 7, 2010 at 10:20, Rich Megginson wrote:
>>>
>>> Dan Scott wrote:
>>>>
>>>> On Wed, Oct 6, 2010 at 22:02, Rich Megginson
>>>> wrote:
>&
# ldapsearch -x -D "cn=directory manager" -W -LLL -b
"cn=plugins,cn=config" -s one 'cn=*member*' cn nsslapd-pluginEnabled
Enter LDAP Password:
dn: cn=ipa-memberof,cn=plugins,cn=config
cn: ipa-memberof
nsslapd-pluginEnabled: on
d
On Thu, Oct 7, 2010 at 11:47, Dan Scott wrote:
> On Thu, Oct 7, 2010 at 11:32, James Roman wrote:
>> On 10/07/2010 11:20 AM, Rich Megginson wrote:
>>>
>>> 20 is "type or value exists" - I think this means that it is attempting to
>>> set a ref
On Fri, Oct 8, 2010 at 11:39, James Roman wrote:
>
>> So does anyone have any more suggestions? Or should I just configure a
>> new replica with new hostname and IP?
>>
>> Thanks,
>>
>> Dan
>
> I've seen the initial problem where the memberof ele
On Fri, Oct 8, 2010 at 13:18, Rich Megginson wrote:
> Dan Scott wrote:
>>
>> On Fri, Oct 8, 2010 at 11:39, James Roman wrote:
>>
>>>>
>>>> So does anyone have any more suggestions? Or should I just configure a
>>>> new replica
On Fri, Oct 8, 2010 at 14:52, James Roman wrote:
> On 10/08/2010 01:49 PM, Dan Scott wrote:
>>
>> On Fri, Oct 8, 2010 at 13:18, Rich Megginson wrote:
>>>
>>> Dan Scott wrote:
>>>>
>>>> On Fri, Oct 8, 2010 at 11:39, James Roman
>>
On Fri, Oct 8, 2010 at 16:28, Nathan Kinder wrote:
> On 10/08/2010 12:08 PM, Dan Scott wrote:
>>
>> On Fri, Oct 8, 2010 at 14:52, James Roman wrote:
>>
>>>
>>> On 10/08/2010 01:49 PM, Dan Scott wrote:
>>>
>>>>
>>>> On Fri
ur
remote users, since they have to connect remotely, using SSH.
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
/share/ipa/ipaserver/ipaxmlrpc.py", line 205, in _dispatch\n
raise Fault(1, "Invalid method: %s" % method)\n
Fault: <Fault 1: u'Invalid method: join'>\n
\n
\n
\n
\n
\n
Is this configuration supported? The current FreeIPA documentation
only provides
Hi,
On Wed, Dec 1, 2010 at 13:58, Dmitri Pal wrote:
> Dan Scott wrote:
>> I'm trying to connect a RHEL6 system to a Fedora 13 FreeIPA server.
>>
> Which IPA version you are trying to connect to?
> I suspect it is trying to invoke an IPA v2 RPC call against an IPA
us on this?
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
n
> time in this period.
No problem, thanks for the response. For reference, the archived post
with link to the SRPM is here:
https://www.redhat.com/archives/freeipa-users/2010-December/msg00011.html
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Hi,
I saw a similar problem with a recently installed VM. There was a problem with:
/etc/nss_ldap.conf
which didn't contain the correct configuration. I copied the config from:
/etc/ldap.conf
and the 'id' command started working correctly.
Hope this helps,
Dan
On Wed, Dec 22
not at the same time as ohm.
I have to do:
/etc/init.d/dirsrv status
to get things working again. Does anyone know how I can figure out what the
problem is? I also have 2 Fedora 13 IPA FreeIPA servers which *don't*
exhibit this problem.
Thanks,
Dan
Hi,
Thanks for the quick response
On Thu, Jan 27, 2011 at 10:19, Rich Megginson wrote:
> On 01/27/2011 07:47 AM, Dan Scott wrote:
>
> Hi,
>
> I have a FreeIPA server running on Fedora 14
>
> [root@ohm ~]# rpm -qa|grep ipa-server
> ipa-server-selinux-1.2.2-5.fc14.x86
Hi all,
Can anyone tell me how to script calls from the ipa server? I would like to be
able to do something like "ipa group-show unix_admin" in a script, but I don't
know how to pass Kerberos credentials that don't expire.
I'd appreciate some help, thanks!
Dan
--
Man
he budget to keep them at the coffee pot waiting
on the network. So, what further information do you need from me to
track this one down?
Dan
--
Dan Mossor
Systems Engineer at Large
Fedora KDE WG | Fedora QA Team | Fedora Server SIG
Fedora Infrastructure Apprentice
FAS: dmossor IRC: danofsatx
On 04/05/2015 12:51 PM, Dmitri Pal wrote:
On 04/05/2015 12:10 AM, Dan Mossor wrote:
I've recently deployed a new domain based on 4.1.2 in F21. We've
noticed an issue and can't quite seem to nail it down. The problem is
that logins are taking an inordinate amount of time to
On 04/07/2015 03:05 AM, Jakub Hrozek wrote:
On Mon, Apr 06, 2015 at 08:01:46PM -0500, Dan Mossor wrote:
On 04/05/2015 12:51 PM, Dmitri Pal wrote:
Several tips.
Please check your DNS configuration.
Such delay is usually caused by the DNS lookups timing out. That means
that the servers probably
those of y'all that operate in secure environments, what trick do
you use to fully integrate IPA and Active Directory?
--
Dan Mossor, RHCSA
Systems Engineer
Fedora Server WG | Fedora KDE WG | Fedora QA Team
Fedora Infrastructure Apprentice
FAS: dmossor IRC: danofsatx
San Antonio, Texas, USA
didn't think the SID was even being evaluated - the authentication
being attempted was through Kerberos, which I uderstand only uses host
keytabs, not SIDs. Am I correct in this situation?
Dan
--
Dan Mossor, RHCSA
Systems Engineer
Fedora Server WG | Fedora KDE WG | Fedora QA Team
Fedora
On 07/31/2015 10:08 AM, Sumit Bose wrote:
On Fri, Jul 31, 2015 at 09:23:53AM -0500, Dan Mossor wrote:
On 07/31/2015 02:52 AM, Sumit Bose wrote:
Thank you for the detailed analysis. I guess the 'server was
inaccessible' error is due to the fact that currently FreeIPA does not
hav
[2] https://copr.fedoraproject.org/coprs/mkosek/freeipa-4.2
I apologize for not responding sooner. Yes, this would be of great
interest to me, but I can accept if there is no other demand and I need
to wait for the "official" release.
--
Dan Mossor, RHCSA
Systems Engineer
Fedora Serve
in
the ssh logs.
Thanks for any help,
-Dan
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
AM, Alexander Bokovoy
wrote:
> On to, 22 joulu 2016, Dan Kemp wrote:
>
>> Hello,
>>
>> I recently ran an upgrade of my freeipa servers, and most of the clients
>> to
>> 4.4.0 (Current with CentOS 7 repos) from version 4.2.0. After the install
>> and serve
it up as a
replication server, then destroy the F20 VM. Will that be a seamless
migration, or am I missing something?
--
Dan Mossor, RHCSA
Systems Engineer at Large
Fedora KDE WG | Fedora QA Team | Fedora Server SIG
Fedora Infrastructure Apprentice
FAS: dmossor IRC: danofsatx
San Antonio, Texas
SSDARGS=""
My last attempt at an /etc/exports file before I gave up:
/home/repo gss/krb5p(rw,no_root_squash,subtree_check,fsid=0)
What other information do y'all need to help me get this working?
--
Dan Mossor
Systems Engineer at Large
Fedora QA Team | Fedora KDE SIG | Fedora Serve
system wide as we also have samba and some
other services that rely on system authentication.
Can anyone be of some help?
Thanks!
Dan
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
On 12/29/2014 4:22 PM, Pal, Dmitri wrote:
>On 12/29/2014 03:40 PM, Watson, Dan wrote:
>> Hi All,
>>
>> I've lurked in the list history and cannot find anyone saying they have
>> gotten login restrictions working with Solaris 10 u8. Has anyone on here
>> succ
h-3.2#
Thanks!
Dan
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: January 02, 2015 10:15 AM
To: Watson, Dan; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Integration with Solaris 10
Watson, Dan wrote:
> Hi All,
>
> I've lurked in the list
rson.
Thanks for all the help!
Dan
-Original Message-
From: Watson, Dan
Sent: January 02, 2015 11:41 AM
To: 'Rob Crittenden'; freeipa-users@redhat.com
Subject: RE: [Freeipa-users] Integration with Solaris 10
Hi Rob,
Thanks for the reply. Unfortunately /usr/bin/getent on my system
Thank you for your reply.
An "ldapsearch" revealed that the buffer is set to 64k on both the master and
the replica.
I will increase to size to 2M and test to see if this resolves the problem.
Best regards,
Dan
-Original Message-
From: David Kupka [mailto:dku...@redhat.
Hi,
Thank you once again for your reply.
Increasing the nsslapd-sasl-max-buffer-size to 2M on both servers and
restarting the IPA services seems to have resolved the issue.
Best regards,
Dan
-Original Message-
From: David Kupka [mailto:dku...@redhat.com]
Sent: Thursday, January
What would be the minimum recommended disk size for a virtual FreeIPA
server on a network consisting of less than 30 users and 100 hosts?
Regards,
Dan
--
Dan Mossor
Systems Engineer at Large
Fedora KDE WG | Fedora QA Team | Fedora Server SIG
Fedora Infrastructure Apprentice
FAS: dmossor IRC
s.
Restarting ipa.service, I was able to log in with my user account, and
was notified that my password expires in 0 days - even though it was
just created less than an hour ago.
Is this a known issue, or is there a hidden problem with the rolekit
deployment that I need to track down?
--
Dan Mossor
On 02/20/2015 03:53 AM, Petr Vobornik wrote:
On 02/20/2015 09:44 AM, Martin Kosek wrote:
On 02/20/2015 02:00 AM, Dan Mossor wrote:
<---snip--->
After approximately 15 minutes, I am kicked out of the active session
- while
in the middle of using it - and cannot log back in.
Default F
stem
journal. I am at my wits end here, and lost. What other information do you
need to help me solve this problem?
Thank you,
Dan Mossor
--
Dan Mossor, RHCSA
Systems Engineer at Large
Fedora Plasma Product WG | Fedora QA Team | Fedora Server WG
Fedora Infrastructure Apprentice
FAS: dmossor IRC: da
On Thu, Mar 5, 2015 at 4:16 PM, Dmitri Pal wrote:
> On 03/05/2015 04:15 PM, Dan Mossor wrote:
>
> Good day, folks.
>
> This time it is something different, yet the same. I have re-deployed my
> IPA installation due to some underlying issues with the host of the virtu
On Thu, Mar 5, 2015 at 4:34 PM, Dan Mossor wrote:
>
>
> On Thu, Mar 5, 2015 at 4:16 PM, Dmitri Pal wrote:
>
>> On 03/05/2015 04:15 PM, Dan Mossor wrote:
>>
>> Good day, folks.
>>
>> This time it is something different, yet the same. I have re-d
On Thu, Mar 5, 2015 at 4:55 PM, Dmitri Pal wrote:
> On 03/05/2015 05:51 PM, Dan Mossor wrote:
>
> As an additional test, I created a new user on my workstation and
> switched to it. the first thing I did was kinit as admin, then started
> Firefox, went through the browse
On Thu, Mar 5, 2015 at 4:59 PM, Rob Crittenden wrote:
> Dan Mossor wrote:
> > On Thu, Mar 5, 2015 at 4:34 PM, Dan Mossor > <mailto:danofs...@gmail.com>> wrote:
> >
> >
> > As an additional test, I created a new user on my workstation and
> > switc
On Thu, Mar 5, 2015 at 5:17 PM, Dan Mossor wrote:
>
>
> On Thu, Mar 5, 2015 at 4:55 PM, Dmitri Pal wrote:
>
>> On 03/05/2015 05:51 PM, Dan Mossor wrote:
>>
>> As an additional test, I created a new user on my workstation and
>> switched to it. the first
On Thu, Mar 5, 2015 at 6:44 PM, Dmitri Pal wrote:
> On 03/05/2015 07:36 PM, Dan Mossor wrote:
>
> On Thu, Mar 5, 2015 at 5:17 PM, Dan Mossor wrote:
>
>>
>>
>> On Thu, Mar 5, 2015 at 4:55 PM, Dmitri Pal wrote:
>>
>>> On 03/05/2015 05:51 PM, Dan
ck.
I think this installation is hosed. I am ready to wipe and start over from
scratch tomorrow. I've already wasted 16 hours on it.
Dan
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
On Fri, Mar 6, 2015 at 1:28 AM, Martin Kosek wrote:
> On 03/06/2015 02:38 AM, Dan Mossor wrote:
>
>>
>>
>> On Thu, Mar 5, 2015 at 7:21 PM, Dmitri Pal > <mailto:d...@redhat.com>> wrote:
>>
>> http://i.imgur.com/mhX86Ng.png
>>
>>
Inc.
>
> Oh, sorry, I didn't realize I was supposed to check that. For the
record, yes - I can log into the demo instance on Firefox from my
workstation. For the sake of completeness, I checked with Konquerer also
and can log in to the demo instance.
Regards,
Dan
--
Manage your subscr
On Fri, Mar 6, 2015 at 9:43 AM, Dmitri Pal wrote:
> On 03/06/2015 10:35 AM, Dan Mossor wrote:
>
>
>
> On Fri, Mar 6, 2015 at 9:21 AM, Dmitri Pal wrote:
>
>>
>> From your workstation can you use the demo instance
>> https://ipa.demo1.freeipa.org/
On Fri, Mar 6, 2015 at 1:53 PM, Martin Kosek wrote:
> On 03/06/2015 05:59 PM, Dan Mossor wrote:
>
>>
>> IT WORKS! WOOT!
>>
>> In the steps of researching a small issue on another hypervisor, I
>> discovered
>> that my underlying network, while operat
re able to clean up the conflicts.
Then SSSD started working again as soon as these conflicts were cleaned up,
just make sure the values are the same between both servers otherwise you may
be updating the environment with old data. Let me know if you have specific
questions.
Dan
me krb5.conf and all the same LDAP config
files. Has anyone seen this before?
Thanks!
Dan
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Tuned out to be the default_domain_suffix setting. It appears our RHEL 6.5
installs ignore it but RHEL 6.8 doesn't. Now that the setting actually does
something I've discovered my setting was wrong.
Thanks!
Dan
-Original Message-
From: Lukas Slebodnik [mailto:lsleb...@redhat.
to do 'everything' in one go?
I looked through the documentation, but the V2 docs currently seem
quite developer-centric, does anyone have any links for me?
Thanks,
Dan Scott
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.red
ny special characters:
ipa user-add user1 --password qwerty\&sdf
or
ipa user-add user1 --password "qwerty&sdf"
Other characters will cause problems too: 'greater than', less than,
single quote, double quote, tilde, pipe etc.
Hope this helps,
Dan
__
use any of the radius functionality
and my FreeIPA v1 installation is pretty standard, so other users
might run into this. I didn't find a bug report, but can file one if
needed?
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Done:
https://fedorahosted.org/freeipa/ticket/1266
Dan
On Tue, May 31, 2011 at 18:26, Dmitri Pal wrote:
> On 05/31/2011 06:02 PM, Dan Scott wrote:
>> Hi,
>>
>> Thanks for all the replies.
>>
>> On Wed, May 25, 2011 at 18:13, Rob Crittenden wrote:
>>>
ntication still
doesn't work for me - any ideas?)
3. The "Directory Utility" is now in: /System/Library/CoreServices
4. The "Add DHCP-supplied LDAP servers" option is no longer available.
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Hi,
On Tue, Jun 14, 2011 at 18:53, Doug Chapman wrote:
> On Tue, Jun 14, 2011 at 2:25 PM, Dan Scott
> wrote:
> I can't speak to your gid mapping issue, but Under Accounts -> Login Options
> -> Network Account Server, you can get access to the Directory Utility to
> &
help me figure out how to get the group lookups working?
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Hi,
On Tue, Jun 21, 2011 at 11:20, Stephen Gallagher wrote:
> On Tue, 2011-06-21 at 11:06 -0400, Dan Scott wrote:
>> Hi,
>>
>> I'm still running a FreeIPA 1.2 server but have started installing
>> Fedora 15 clients and am trying to figure out how to manually set
On Tue, Jun 21, 2011 at 11:37, Stephen Gallagher wrote:
> On Tue, 2011-06-21 at 11:31 -0400, Dan Scott wrote:
>> Hi,
>>
>> On Tue, Jun 21, 2011 at 11:20, Stephen Gallagher wrote:
>> > On Tue, 2011-06-21 at 11:06 -0400, Dan Scott wrote:
>> >> Hi,
>>
On Tue, Jun 21, 2011 at 14:19, Stephen Gallagher wrote:
> On Tue, 2011-06-21 at 11:58 -0400, Dan Scott wrote:
>> On Tue, Jun 21, 2011 at 11:37, Stephen Gallagher wrote:
>> > On Tue, 2011-06-21 at 11:31 -0400, Dan Scott wrote:
>> >> Hi,
>> >>
>> >
t possible that it's
conflicting with my existing FreeIPA 1.2.x servers elsewhere on the
network?
Thanks,
Dan Scott
2011-06-24 13:33:04,752 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-06-24 13:33:04,753 DEBUG Loading Index file from '/var/lib/ipa/sy
Hi,
On Fri, Jun 24, 2011 at 14:00, Rob Crittenden wrote:
> Dan Scott wrote:
>> I've just installed Fedora 15 onto a VM, configured networking and run
>> the ipa-server-install script - the installation fails with the error:
>>
>> Configuring ntpd
>> [1
hema. Copy this to
> the equivalent location on the v2 server.
Sorry to jump on this so late.
Do you know if the fix for "groupname: attribute "memberofindirect"
not allowed" has been released yet? I'm running Fedora 15 with the
latest updates from update
It is only Kerberos authentication
which requires users to re-login on this special page?
Thanks,
Dan
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
1 - 100 of 197 matches
Mail list logo