owned" by that user still exists, so that
one doesn't have to go to LDAP to deal with the entry, but compared to
the amount of iterations this took, that should be easy :D
For those interested:
http://www.astro.princeton.edu/~huston/astrocustom/astrocustom.1546.py.html
--
Steve Huston - W2
his in RHEL6 is to set access_provider to
ldap in sssd, but that doesn't seem to cover all cases and doesn't
play well with other IPA things (like HBAC) from what I can tell.
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.3
to ipa and consults IPA directly? Of course
doesn't help that I need to deal with this across multiple OSs (CentOS
5 using LDAP explicitly, 6 and 7 using sssd)
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.34
u, Apr 21, 2016 at 01:26:19PM -0400, Steve Huston wrote:
>> On Tue, Apr 19, 2016 at 11:57 AM, Jakub Hrozek <jhro...@redhat.com> wrote:
>> > Did you test that this actually fails with id_provider=ipa? I would
>> > assume the IPA KDC would kick you out and prompt for
Awesome! Thank you.
On Wed, Feb 1, 2017 at 12:05 PM, Florence Blanc-Renaud <f...@redhat.com> wrote:
> On 02/01/2017 05:47 PM, Steve Huston wrote:
>>
>> Would it be better to file this as a new bug, or reopen 4291?
>>
> Hi,
>
> we are already aware of the prob
Would it be better to file this as a new bug, or reopen 4291?
On Tue, Jan 31, 2017 at 5:00 PM, Steve Huston
<hus...@astro.princeton.edu> wrote:
> Seems like this is to blame: https://fedorahosted.org/freeipa/ticket/4291
>
> The checkin says, "Installation in pure IPv
point
associated with ProtocolHandler ["ajp-bio-0:0:0:0:0:0:0:1-8009"]
Jan 31 14:27:00 ipa server: java.net.SocketException: Protocol family
unavailable
On Fri, Jan 27, 2017 at 4:23 PM, Steve Huston
<hus...@astro.princeton.edu> wrote:
> Stranger, I did an install on a different V
would seem that in a pure IPv4
environment, this is causing tomcat to fail to load.
On Tue, Jan 31, 2017 at 4:36 PM, Steve Huston
<hus...@astro.princeton.edu> wrote:
> What defines the contents of /var/lib/pki/pki-tomcat/conf/server.xml?
>
>
>
> address="::1" />
>
The output of "ipa user-show --all --raw" is also identical at
those same steps.
So something, somewhere, is being saved in a way that prevents the
webui from displaying them properly, that gets fixed when those values
are manually changed via the webui.
On Thu, Jan 19, 2017 at 2:44 P
t entered).
This is with ipa-server-4.4.0-14.el7_3.4
On Mon, Jan 23, 2017 at 1:55 PM, Steve Huston
<hus...@astro.princeton.edu> wrote:
> Just tested again, and this is still baffling:
>
> * Create a stage user with the right data, works fine, can be edited.
> * Enable that
rule out a packaging error causing the problem.
On Wed, Jan 25, 2017 at 4:12 PM, Steve Huston
<hus...@astro.princeton.edu> wrote:
> No, that should be all of the major changes; the puppet module that
> installs things only puts the two plugin files in their respective
> places. The
else different that's causing it to
break. Will continue investigating, but if someone knows why the UI
would break this way it would be helpful to know where to look!
On Thu, Jan 26, 2017 at 11:53 AM, Steve Huston
<hus...@astro.princeton.edu> wrote:
> Just did it again with the sa
ver and I was not successful. Actually I was not used your back-end
> plugin. I tried it with no plugin and then with your UI plugin and both
> worked correctly. Did you do any other changes somewhere in your
> installation?
>
> I will try it again also with your Python plugin and we'l
as well, to no avail.
On Thu, Feb 23, 2017 at 4:25 PM, Rob Crittenden <rcrit...@redhat.com> wrote:
> Steve Huston wrote:
>> Next stage of my testing was to make a replica of the FreeIPA server,
>> and I started by doing a 'yum install ipa-server' and then moved on to
>> addin
r and soon-to-be
replica) running RHEL7.3 with all updates.
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.346344 -74.652242
345 Lewis Library |"On my ship, the Rocinante, wheeling through
Princeton, NJ 0
pa/json':
(SEC_ERROR_LEGACY_DATABASE) The certificate/key database is in an old,
unsupported format.
> Cheers,
> Standa
>
> P.S.: I might have sent you this email twice because I am a bad person when
> it comes to the "Send" button, please reply to the email which has
>
exception: SystemExit:
Configuration of client side components failed!
ipa.ipapython.install.cli.install_tool(Replica): ERROR
Configuration of client side components failed!
ipa.ipapython.install.cli.install_tool(Replica): ERRORThe
ipa-replica-install command failed. See
/var/log/ipareplica-
o
difference between them.
On Thu, Jan 19, 2017 at 1:14 PM, Alexander Bokovoy <aboko...@redhat.com> wrote:
> On to, 19 tammi 2017, Steve Huston wrote:
>>
>> On Thu, Jan 19, 2017 at 11:16 AM, Alexander Bokovoy <aboko...@redhat.com>
>> wrote:
>>>
>>> In sho
quot; to show what user requested and is responsible for this account)
works fine in the 'add/modify stageuser' context, but not at all in
the adduser/moduser context, and I can't seem to find out why.
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University
es at https://github.com/abbra/freeipa-desktop-profile/
but I wasn't able to follow them well or figure out how/if they
applied to my case.
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.346344 -74.652242
On Tue, Feb 28, 2017 at 4:26 AM, Standa Laznicka <slazn...@redhat.com> wrote:
> On 02/27/2017 04:51 PM, Steve Huston wrote:
>> It seems there might be two issues here; the one I originally reported
>> was that the ipa-server packages installed on a client machine
re than convince those in control of DNS here to change it :D )
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.346344 -74.652242
345 Lewis Library |"On my ship, the Rocinante, wheeling through
Princeton, NJ
l working. Right now it has the right default
user, so I'll know for sure when I create another replica :D
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.346344 -74.652242
345 Lewis Library |"On my s
ct or understand why it changed again.
I don't know that I'll have time to spin up more instances and go
through the testing to see what/when/how it changed, but I wanted to
point it out in case someone who does have that time can run with the
information.
--
Steve Huston - W2SRH - Unix Sy
there some attribute of a field I can edit to insert a default
value into the UI, while still allowing that to be removed or edited
before the user submits the page?
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.34634
lso failed but with the slightly different
error (I believe it was that the host does not exist).
So how does one create a certificate for an alias on a host?
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University |ICBM Address: 40.346344 -74.
On Thu, May 4, 2017 at 9:15 PM, Fraser Tweedale <ftwee...@redhat.com> wrote:
> The fix for this was released in FreeIPA 4.5. See ticket
> https://pagure.io/freeipa/issue/6295.
>
Excellent! Any chance of that getting backported into the 4.4.x
series available on RHEL7?
--
Steve
27 matches
Mail list logo
