Re: [Freeipa-users] password expiration

It is confirmed, the password policy was changed with password expiration beyond 2038. Question is, how can we restore the pw policy without a working admin user? Sándor Juhász System Administrator ChemAxon Ltd . Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 Cell: +

Re: [Freeipa-users] LDAP authentication for JIRA using FreeIPA

Hi, here are our working configurations. Might be useful. We use compat tree for auth. We use user in group matching. We use group filter for login authorization. We use FedoraDS as ldap connector on JIRA's side. We don't use pw change or user create in IPA from JIRA side. Watch out not to

Re: [Freeipa-users] LDAP authentication for JIRA using FreeIPA

use it this way. Sándor Juhász System Administrator ChemAxon Ltd . Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 Cell: +36704258964 From: "Christopher Lamb" To: "Martin Kosek" , "Brian Topping" , "Sandor Juhasz" Cc: fre

[Freeipa-users] ipa schema-compat, DIT view and replication

Hello, we migrated to centos7.1 and ipa server 4.1.0. DIT view using schema compat plugin is working on one instance - celebrations. We are using a 4 way cluster of ipa servers. The schema-compat-container does not get replicated. Is there a way - apart making the change on the replica - to

[Freeipa-users] modify schema - add group email and display attribute

Hi, i would like to modify schema to have group objects extended with email and display name attribute. The reason is that we are trying to sync our ldap to our google apps. I don't know how much this doc http://www.freeipa.org/images/5/5b/FreeIPA33-extending-freeipa.pdf can be applied to g

Re: [Freeipa-users] modify schema - add group email and display attribute

258964 From: "Ludwig Krispenz" To: freeipa-users@redhat.com Sent: Wednesday, December 21, 2016 3:34:03 PM Subject: Re: [Freeipa-users] modify schema - add group email and display attribute On 12/21/2016 02:07 PM, Sandor Juhasz wrote: Hi, i would like to modify schema to

Re: [Freeipa-users] modify schema - add group email and display attribute

: "Sandor Juhasz" To: "Ludwig Krispenz" Cc: freeipa-users@redhat.com Sent: Wednesday, December 21, 2016 4:39:32 PM Subject: Re: [Freeipa-users] modify schema - add group email and display attribute That would be perfect solution. How do i do it? ldapmodify: dn: c

Re: [Freeipa-users] modify schema - add group email and display attribute

'freeipa/group'], function(phases, group_mod) { // helper function function get_item(array, attr, value) { for (var i=0,l=array.length; i To: "Sandor Juhasz" Cc: freeipa-users@redhat.com Sent: Monday, January 2, 2017 6:41:02 PM Subject: Re: [Freeipa-users] modify s

Re: [Freeipa-users] modify schema - add group email and display attribute

ity'); as the user would do. Yup figured that index generation is auto. So all check, all happy in the end. Thx. Sándor Juhász System Administrator ChemAxon Ltd . Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 Cell: +36704258964 From: "Petr Vobornik&quo

Re: [Freeipa-users] modify schema - add group email and display attribute

inistrator ChemAxon Ltd . Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 Cell: +36704258964 From: "Sandor Juhasz" To: "Petr Vobornik" Cc: freeipa-users@redhat.com Sent: Wednesday, January 11, 2017 3:26:41 PM Subject: Re: [Freeipa-users] mod

Re: [Freeipa-users] modify schema - add group email and display attribute

apest, Hungary, H-1031 Cell: +36704258964 From: "Alexander Bokovoy" To: "Sandor Juhasz" Cc: freeipa-users@redhat.com Sent: Thursday, January 19, 2017 3:22:34 PM Subject: Re: [Freeipa-users] modify schema - add group email and display attribute On to, 19 tammi 2017, S

Re: [Freeipa-users] modify schema - add group email and display attribute

I think ipa permission-mod "System: Read Groups" --includedattrs=mail --includedattrs=displayname solved my issue. Sándor Juhász System Administrator ChemAxon Ltd . Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 Cell: +36704258964 From: "Sand

[Freeipa-users] Virtual DIT view howto

Hello, i need a bit of help on how to create virtual dit structure on an existing ipa. I need it to create separate structure to authenticate users for services which don't support ldap search filters. I did not find anything in the manual or any howto to start with. Sándor Juhász System Ad

Re: [Freeipa-users] Virtual DIT view howto

, Budapest, Hungary, H-1031 Cell: +36704258964 - Original Message - From: "Alexander Bokovoy" To: "Sandor Juhasz" Cc: freeipa-users@redhat.com Sent: Thursday, September 25, 2014 3:24:50 PM Subject: Re: [Freeipa-users] Virtual DIT view howto On Thu, 25 Sep 2014,

Re: [Freeipa-users] Virtual DIT view howto

osek" To: "Sandor Juhasz" , freeipa-users@redhat.com Sent: Friday, September 26, 2014 1:00:37 PM Subject: Re: [Freeipa-users] Virtual DIT view howto On 09/26/2014 11:19 AM, Sandor Juhasz wrote: > Hello, > > i want to bind applications to the ldap, via ldap connector,

[Freeipa-users] authenticate samba 3 or 4 with freeipa

Hello, what is the best practice to authenticate samba file sharing with freeipa as auth service. Either version 3 or 4 of samba is fine, as we are looking for this only for filesharing and not domain service. Our ipa service is hosted on CentOS 6.5. The samba service is preferred to be hos

Re: [Freeipa-users] authenticate samba 3 or 4 with freeipa

: Thursday, March 27, 2014 5:51:23 PM Subject: Re: [Freeipa-users] authenticate samba 3 or 4 with freeipa On 27.3.2014 14:36, Sandor Juhasz wrote: > Hello, > > what is the best practice to authenticate samba file sharing with freeipa as > auth service. > Either version 3 or 4 of

[Freeipa-users] How to check if ldap was updated?

Hi, i would like to know if there is any endpoint, command, plugin, api or other way to check if ldap was modified. I would like to trigger jobs, if user/group attributes are updated and polling ldap continuously is not he best way i guess. Sándor Juhász System Administrator ChemAxon Ltd