Re: [Freeipa-users] Fedora 12 install documentation 2.0.0 admin documentation 2.0.0 and problems.

2010-07-07 Thread Steven Jones
8 I tried https://localhost:443 and I get a Kerberos Authentication failed.there is no workable documentation / indication on how to fix this

[Freeipa-users] getting a kerberos ticket for Firefox

2010-09-20 Thread Steven Jones
Hi, I am trying to web browse to the localhost and it is telling me to obtain a valid kerberos ticket and configure Firefox... Where do I export / find this ticket? and how do I install it as a user so I can connect? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
from ver1 and the doc hasnt been corrected? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf Of Steven Jones Sent

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
Hi, This is Fedora 13 with the yum repo setup as per your web site... 389-ds-base-1.2.6-1.fc13.x86_64 ipa-server-1.2.2-4.fc13.x86_64 Your ldapsearch command gives me, ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) um.. So the LDAP server is dead? regards Steven Jones Technical

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
are written by ppl that know how to do this syntax wellso you are maybe over looking my simple mis-understanding of how to enter these commands correctly. regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
-v This appears to be wrong? It should be, ipa-replica-manage add --winsync --binddn cn=administrator,cn=users,dc=example,dc=com \ --cacert /path/to/certfile.cer adserver.example.com --passsync domain admin password -v ? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
/to/certfile.cer adserver.example.com --passsyncdomain admin password-v Is there a log somewhere to look for why? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message- From: Rob Crittenden [mailto:rcrit

[Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
Hi, I have created a user only to find that the login, home directory, UID and GID are all auto-generated... How can I set the gui to let me put these values in myself? The linux account and AD account already have these...so I need to be able to set these. regards Steven Jones Technical

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
For ipa-replica-manage list The output is my AD vuwwincodc1.vuw.ac.nz regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message- From: Rob Crittenden [mailto:rcrit...@redhat.com] Sent: Wednesday, 22

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
Hi, Ok, it isnt crashing the LDAP server/service its doing a shutdown of it according to the error log... So while a sync is happening the LDAP server is offline? How long should this take? 30secs? 3mins? 30mins? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272

Re: [Freeipa-users] probems installin freeipa v2

2010-09-21 Thread Steven Jones
=0 tag=101 nentries=1 etime=0 [22/Sep/2010:15:58:16 +1200] conn=8 op=2 SRCH base=cn=config,cn=ldbm database,cn=plugins,cn=config scope=0 filter=(objectClass=*) attrs=nsslapd-directory [22/Sep/2010:15:58:16 +1200] conn=8 op=2 RESULT err=0 tag=101 nentries=1 etime=0 = regards Steven

[Freeipa-users] Probems syncing freeipa v2 to AD

2010-09-22 Thread Steven Jones
Hi, Any idea how to stop the LDAP server hosing itself? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf

Re: [Freeipa-users] Probems syncing freeipa v2 to AD

2010-09-22 Thread Steven Jones
Hi, I have not seen such an email. regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message- From: Dmitri Pal [mailto:d...@redhat.com] Sent: Thursday, 23 September 2010 9:19 a.m. To: Steven Jones Cc: Freeipa

[Freeipa-users] bug 634561

2010-09-23 Thread Steven Jones
Hi, Bug 634561 has been fixed... How do I get this into/onto my setup please? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand ___ Freeipa-users mailing list Freeipa-users@redhat.com

[Freeipa-users] Migrating passwd files etc into free-ipa

2010-09-23 Thread Steven Jones
? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

[Freeipa-users] Free-ipa no longer working

2010-09-26 Thread Steven Jones
Hi, I have come back after the weekend and find that the gui no longer works While trying to get a new kerberos ticket I get, kinit: Cannot contact and KDC realm 'VUW.AC.NZ' while getting credentials So any ideas where I go looking? regards Steven Jones Technical Specialist Linux/Vmware

Re: [Freeipa-users] Migrating passwd files etc into free-ipa

2010-09-27 Thread Steven Jones
Steven bcc MW. From: Rob Crittenden [rcrit...@redhat.com] Sent: Tuesday, 28 September 2010 4:30 a.m. To: Steven Jones Cc: Dmitri Pal; freeipa-users Subject: Re: [Freeipa-users] Migrating passwd files etc into free-ipa Steven Jones wrote: Ok, So lets avoid

Re: [Freeipa-users] bug 634561

2010-09-28 Thread Steven Jones
Hi, Sorry if this sounds pushy but any chance of an ETA please? regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -Original Message- From: Rich Megginson [mailto:rmegg...@redhat.com] Sent: Friday, 24 September 2010 8:20

[Freeipa-users] When does freeipa make it to the Red Hat tree? some years off? RHEL7?

2010-10-07 Thread Steven Jones
regards Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] [Freeipa-devel] Announcing FreeIPA v2 Server Release Candidate 1 Release

2011-02-15 Thread Steven Jones
Has anyone tried this? I get a Damaged repo file regards ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] [Freeipa-devel] Announcing FreeIPA v2 Server Release Candidate 1 Release

2011-02-16 Thread Steven Jones
Is there a series of RPMS I can download? ie can someone tell which ones I need for the server and which ones I need for the client and in what order I install? I can get the rpms off the store, just not via yum as the repo is dead for meeither its a remote issue, or our firewall is

[Freeipa-users] While attempting to make a replica....I get this failure....

2011-02-27 Thread Steven Jones
[root@fed14-64-ipam001 jonesst1]# ipa-replica-prepare fed14-64-ipam002.ipa.ac.nz Directory Manager (existing master) password: Preparing replica for fed14-64-ipam002.ipa.ac.nz from fed14-64-ipam001.ipa.ac.nz Creating SSL certificate for the Directory Server ipa: INFO: sslget

[Freeipa-users] While attempting to join a client ....I get this failure....

2011-02-27 Thread Steven Jones
I have just built these 2 fed14 to act as a server and client and run yum updateso they should be as closely sync'd as possible... =client=== [root@fed14-64-ipacl01 ~]# ipa-client-install Discovery was successful! Realm: IPA.AC.NZ DNS Domain: ipa.ac.nz IPA Server:

[Freeipa-users] Freeipa fails to start after a reboot

2011-02-27 Thread Steven Jones
What scrips need to be runa and in what order to start the primary ipa server? regards ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] While attempting to join a client ....I get this failure....

2011-02-28 Thread Steven Jones
Hi, The point is both the client and the server are up to date in terms of patches from teh repo. So your repo is not consistent and needs fixing.. regards On Mon, 2011-02-28 at 10:43 -0500, Rob Crittenden wrote: Steven Jones wrote: I have just built these 2 fed14 to act as a server

Re: [Freeipa-users] Freeipa fails to start after a reboot

2011-02-28 Thread Steven Jones
... [ OK ] PKI-IPA... [ OK ] [root@fed14-64-ipam001 init.d]# On Mon, 2011-02-28 at 16:39 +1000, David O'Brien wrote: Steven Jones wrote: What scrips need to be runa and in what order to start the primary ipa

Re: [Freeipa-users] While attempting to make a replica....I get this failure....

2011-02-28 Thread Steven Jones
CT,C,C ipaCert u,u,u Server-Cert u,u,u [root@fed14-64-ipam001 init.d]# === regards On Mon, 2011-02-28 at 10:50 -0500, Rob Crittenden wrote: Steven Jones wrote: [root@fed14

Re: [Freeipa-users] While attempting to join a client ....I get this failure....

2011-02-28 Thread Steven Jones
Hi, As per your website and I SCP'd the freeipa-devel.repo over to the client and the replica from the master regards On Mon, 2011-02-28 at 14:30 -0500, Rob Crittenden wrote: Steven Jones wrote: Hi, The point is both the client and the server are up to date in terms of patches

Re: [Freeipa-users] While attempting to join a client ....I get this failure....

2011-02-28 Thread Steven Jones
8 On the client: rpm -q freeipa-client freeipa-client-2.0.0.rc1-0.fc14.x86_64 On the server: rpm -q freeipa-server freeipa-server-2.0.0.rc1-0.fc14.x86_64 regards ___ Freeipa-users mailing list Freeipa-users@redhat.com

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-02-28 Thread Steven Jones
Not sure if I have to change anything in the repo? but rc2.0 does not appear... regards On Mon, 2011-02-28 at 16:07 -0500, Rob Crittenden wrote: To all freeipa-interest, freeipa-users and freeipa-devel list members, The FreeIPA project team is pleased to announce the availability of the

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-02-28 Thread Steven Jones
umchecksum error? === [root@fed14-64-ipacl01 yum.repos.d]# yum update Loaded plugins: langpacks, presto, refresh-packagekit Adding en_US to language list freeipa-devel | 1.3 kB 00:00 freeipa-devel/primary | 10 kB 00:00

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-02-28 Thread Steven Jones
I have tried to download the rpms by hand and the dependencies are all broken ie pythonwell stuffed by the looks of it... regards ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-03-01 Thread Steven Jones
and the Freeipa-devel repo enabled on my IPA test servers. Rgds, Siggi On Tue, March 1, 2011 01:32, Steven Jones wrote: I have tried to download the rpms by hand and the dependencies are all broken ie pythonwell stuffed by the looks of it... regards

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-03-01 Thread Steven Jones
... [ OK ] [root@fed14-64-ipam001 init.d]# regards On Tue, 2011-03-01 at 16:10 -0500, Rob Crittenden wrote: Steven Jones wrote: Im getting a pycurl error 6so every few hours the errors change I don't know if the pycurl errors are equivalent to the curl

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-03-01 Thread Steven Jones
8- I think it is a mismatch between what we've stored as the hostname and the hostname of the machine. Can you look at the output of these commands and see if the hostname is the same between them all? $ ldapsearch -x -s one -b cn=masters,cn=ipa,cn=etc,dc=ipa,dc=ac,dc=nz dn

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-03-01 Thread Steven Jones
I think it is a mismatch between what we've stored as the hostname and the hostname of the machine. Can you look at the output of these commands and see if the hostname is the same between them all? $ ldapsearch -x -s one -b cn=masters,cn=ipa,cn=etc,dc=ipa,dc=ac,dc=nz dn $ hostname $

Re: [Freeipa-users] Announcing FreeIPA v2 Server Release Candidate 2 Release

2011-03-02 Thread Steven Jones
Hi, Yepthat is the issueI put it in, rebooted, worked, took it out rebooted, didnt work, put it back in rebooted and it worked again. Wonders of a gui setupnormally I do it by hand and do a FQDNI assumed because it was short form in the file that is the way it is now, obviously

[Freeipa-users] replication setup failure

2011-03-02 Thread Steven Jones
8 starting replication, please wait until this has completed. Update in progress Update in progress Update in progress Update in progress Update in progress Update succeeded [21/27]: adding replication acis [22/27]: initializing group membership [23/27]: adding master entry [24/27]:

[Freeipa-users] Unable to authenticate a client user against IPA

2011-03-03 Thread Steven Jones
I appear to have IPA running, I have run the install client on a fed14 KVM guest and that guest is in the IPA system, however the users in IPA cannot authenticate via IPA and get onto the client. There appears to be traffic to port 389, so I assume its almost workingbut I can find anything in

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-03 Thread Steven Jones
, uri host 192.168.100.2 base dc=ipa,dc=ac,dc=nz Where 192.168.100.2 is the original master. regards On Thu, 2011-03-03 at 14:30 -0500, Rob Crittenden wrote: Steven Jones wrote: I appear to have IPA running, I have run the install client on a fed14 KVM guest and that guest is in the IPA

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-03 Thread Steven Jones
8 I have no idea, Im trying to follow the ipa document (version 0.5)so if it says do something I try and do itif it doesnt say do something wellit doesnt get done as I cant mind read. What I want is encrypted connections on all services / communications so it is secure and safe.

[Freeipa-users] Documentation

2011-03-03 Thread Steven Jones
Hi, Is it possible to have the ipa 0.5 documentation (and future documentation) as a pdf file? I'd like to download it and print it off. regards ___ Freeipa-users mailing list Freeipa-users@redhat.com

Re: [Freeipa-users] Documentation

2011-03-03 Thread Steven Jones
Thanks very much I can live with rough.lets me study it on the train regards On Fri, 2011-03-04 at 11:24 +1000, David O'Brien wrote: Steven Jones wrote: Hi, Is it possible to have the ipa 0.5 documentation (and future documentation) as a pdf file? I'd like to download

[Freeipa-users] Time bug

2011-03-03 Thread Steven Jones
Hi, Americans are funny ppl they put the date format as month then day.the problem is in the real world, its day then month So I have registered 1 client and 2 ipa masters as of 4th march 2011 NZST, but the IPA server's gui says I registered them a month in the future, ie 3rd April 2011

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-06 Thread Steven Jones
Hi, Well client to ipa server doesnt work.. regards On Fri, 2011-03-04 at 10:45 -0500, Rob Crittenden wrote: Dmitri Pal wrote: On 03/03/2011 02:53 PM, Steven Jones wrote: 8 I have no idea, Im trying to follow the ipa document (version 0.5)so if it says do something I try

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-06 Thread Steven Jones
8--- This didnt work...intuitive, no I guess not regards Sorry but the doc might be incomplete. We are in the middle of reviewing it actually and adding information to it. Please go to your system-authconfig dialog and configure LDAP + Kerberos with the IPA server. It should be

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-06 Thread Steven Jones
How do i turn on logging on the client and the server so as to start troubleshooting this authentication failure? regards ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-07 Thread Steven Jones
Hi, Where does this log to? regards On Mon, 2011-03-07 at 12:33 -0500, Dmitri Pal wrote: On 03/06/2011 02:48 PM, Steven Jones wrote: How do i turn on logging on the client and the server so as to start troubleshooting this authentication failure? regards

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-08 Thread Steven Jones
8- getent passwd user however only returns one line, not the two I should expect? Why do you expect two lines? It should only return one, for that user. It also returns very fastlike its not even looking remotely. Is the user in /etc/passwd too? When I tried to get

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-08 Thread Steven Jones
8-- So how do I fault find? where do I start? ie Where do I start to look to determine why a user cannot login to a client via freeipa? How can I be more clear? because so far the replies have been not very productive. regards ___

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-08 Thread Steven Jones
8 Steven, sorry you're having such a hard time with this. Let me see if I can help point you in the right direction. I'm trying to look at the history of this thread, but I'm coming into it late, so please forgive me if I retread any ground that's already been covered. First, I

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-08 Thread Steven Jones
On Tue, 2011-03-08 at 15:50 -0500, Rob Crittenden wrote: Steven Jones wrote: 8-- So how do I fault find? where do I start? ie Where do I start to look to determine why a user cannot login to a client via freeipa? How can I be more clear? because so far the replies have been

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-08 Thread Steven Jones
-0500, Simo Sorce wrote: On Tue, 8 Mar 2011 19:05:45 -0500 (EST) Stephen Gallagher sgall...@redhat.com wrote: On Mar 8, 2011, at 5:45 PM, Steven Jones steven.jo...@vuw.ac.nz wrote: Keytab name: WRFILE:/etc/krb5.keytab KVNO Principal

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-08 Thread Steven Jones
Hi, I have just done another F14 client and I have the same issue. regards regards On Tue, 2011-03-08 at 19:28 -0500, Simo Sorce wrote: On Tue, 8 Mar 2011 19:05:45 -0500 (EST) Stephen Gallagher sgall...@redhat.com wrote: On Mar 8, 2011, at 5:45 PM, Steven Jones steven.jo

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
Hi, I had/have already done the uninstall...and re-install. Also I registered a brand new 2nd client...that hasnt worked either.. regards On Tue, 2011-03-08 at 23:29 -0500, Rob Crittenden wrote: Steven Jones wrote: Hi, Log, The error is Host is already joined so no keytab

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
PM, Steven Jones wrote: On Tue, 2011-03-08 at 15:50 -0500, Rob Crittenden wrote: Steven Jones wrote: 8-- So how do I fault find? where do I start? ie Where do I start to look to determine why a user cannot login to a client via freeipa? How can I be more clear? because so

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
On Wed, 2011-03-09 at 14:42 -0500, Dmitri Pal wrote: On 03/09/2011 02:21 PM, Steven Jones wrote: Hi, I had/have already done the uninstall...and re-install. Also I registered a brand new 2nd client...that hasnt worked either.. How did you create the host record

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
Hi, I have gone into the webgui and manually removed the no1 client/host, it has now joined successfully... So Yes, the next issue regards On Wed, 2011-03-09 at 14:51 -0500, Stephen Gallagher wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/09/2011 02:45 PM, Steven Jones

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
8--- 4) Install client again Everything should work. If not please send us the logs. Not sure which logs as Im losing track of so many suggestions/threadsbut, On the client the sssd.log is zero length, the sssd_ipa.ac.nz.log is zero length I just tried to add a local user and

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
Ok, However I cant LDAP/Ipa authenticate stillon either client.. So what next? regards Steven From: Rob Crittenden [rcrit...@redhat.com] Sent: Thursday, 10 March 2011 10:47 a.m. To: Steven Jones Cc: freeipa-users@redhat.com Subject: Re

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-09 Thread Steven Jones
for a rhel6ws?I could try that as well...also RHEL5 regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Steven Jones [steven.jo...@vuw.ac.nz] Sent: Thursday, 10 March 2011 11:35 a.m. To: d...@redhat.com

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-10 Thread Steven Jones
: - Original Message - Steven Jones wrote: Ok, However I cant LDAP/Ipa authenticate stillon either client.. So what next? sssd handles logins, you can try turning up the log level on that (though I suspect it wasn't the reboot that fixed this but restarting sssd

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-10 Thread Steven Jones
third client wont authenticate either So I guess its a problem around the install script if not selinux regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Steven Jones [steven.jo...@vuw.ac.nz] Sent: Friday

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-10 Thread Steven Jones
like alphamajor functionality failure, as personally I class being unable to do the very first thing you need to do as a major failure. regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Steven Jones

Re: [Freeipa-users] Unable to authenticate a client user against IPA

2011-03-10 Thread Steven Jones
] on behalf of Dmitri Pal [d...@redhat.com] Sent: Friday, 11 March 2011 11:58 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Unable to authenticate a client user against IPA On 03/10/2011 05:37 PM, Steven Jones wrote: I have run the in-install script and it wont delete the client

Re: [Freeipa-users] Standalone or VM instance of FreeIPA

2011-03-21 Thread Steven Jones
Hi, A year or two back free vm's were easy to find/common, these days its quite hardmostly I look, give up and go build my own VM for the job. If you want to do some routeing in VMware vyatta do a free vm and it does dhcp as well. You can set up bind on your fedora VM just invent a

[Freeipa-users] FreeIPA 2 on F14/RHEl 6.1

2011-03-28 Thread Steven Jones
Hi. I see IPA 2.0 is F15.uh. Is free-ipa 2.0 going to be put into RHEL6.1? ie Im assuming that F14 will become 6.1? sometime in the next few months? Or should I assume that since ipa2.0 is in F15 only we wont see anything vaguely usable til 6.2 sometime near the end of the year?

[Freeipa-users] FreeIPA 2 on F14 / RHEL 6.1

2011-03-28 Thread Steven Jones
Hi. Is free-ipa going to be put into RHEL6.1? ie Im assuming that F14will become 6.1? Or should I assume that since ipa2 is in F15 we wont see anything til 6.2 sometime near the end of the year? I want to spend the next few months learning IPA and deploy it to limited selected users as a

Re: [Freeipa-users] FreeIPA 2 on F14/RHEl 6.1

2011-03-28 Thread Steven Jones
] FreeIPA 2 on F14/RHEl 6.1 On 03/28/2011 05:30 PM, Steven Jones wrote: Hi. I see IPA 2.0 is F15.uh. Is free-ipa 2.0 going to be put into RHEL6.1? ie Im assuming that F14 will become 6.1? sometime in the next few months? Or should I assume that since ipa2.0 is in F15 only we wont see

[Freeipa-users] replica install failure....

2011-03-28 Thread Steven Jones
Just tried to make a replica and the install failed with, [4/11]: configuring certificate server instance root: CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname fed14-64-ipam002.ipa.ac.nz -cs_port 9445 -client_certdb_dir

[Freeipa-users] AD setup failure

2011-03-28 Thread Steven Jones
Following the install guide I get, [root@fed14-64-ipam001 samba]# ipa-replica-manage add --winsync --binddn cn=administrator,cn=users,dc=ipa,dc-ac,dc=nz \ --bindpw Qsmith51B --cacert /home/jonesst1/domaincert.cer dc0001.ipa.ac.nz -v Usage: ipa-replica-manage [options] ipa-replica-manage:

Re: [Freeipa-users] AD setup failure

2011-03-28 Thread Steven Jones
] on behalf of Steven Jones [steven.jo...@vuw.ac.nz] Sent: Tuesday, 29 March 2011 3:24 p.m. To: freeipa-users@redhat.com Subject: [Freeipa-users] AD setup failure Following the install guide I get, [root@fed14-64-ipam001 samba]# ipa-replica-manage add --winsync --binddn cn=administrator,cn=users

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
2011 2:50 a.m. To: Steven Jones Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] AD setup failure Steven Jones wrote: Got a bit further...I was missing --passsync I think you were using the V1 documentation. The Enterprise Identity Management Guide is what you want off freeipa.org

Re: [Freeipa-users] replica install failure....

2011-03-29 Thread Steven Jones
Subject: Re: [Freeipa-users] replica install failure On Mon, 2011-03-28 at 23:45 +, Steven Jones wrote: Just tried to make a replica and the install failed with, [4/11]: configuring certificate server instance root: CRITICAL failed to configure ca instance Command '/usr/bin/perl

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
Hi, The DNS is in AD so it cant be set to suit IPA I did as below and even with --force your script ignores these flags, it insists on doing AD lookups and gets the AD infoand obviously the cert isnt on the AD box. 8 What is a content of _ldap._tcp.ipa.ac.nz DNS SRV record?

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
: freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure On Tue, 2011-03-29 at 12:49 +0200, tomasz.napier...@allegro.pl wrote: On 2011-03-29, at 10:20, Martin Kosek wrote: On Tue, 2011-03-29 at 00:08 +, Steven Jones wrote: What is a content of _ldap._tcp.ipa.ac.nz DNS SRV

Re: [Freeipa-users] replica install failure....

2011-03-29 Thread Steven Jones
From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 2:37 a.m. To: Steven Jones Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] replica install failure Steven Jones wrote: Just tried to make a replica and the install failed with, [4/11]: configuring

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
...@redhat.com] on behalf of Dmitri Pal [d...@redhat.com] Sent: Wednesday, 30 March 2011 8:29 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure On 03/29/2011 03:26 PM, Steven Jones wrote: Hi, The DNS is in AD so it cant be set to suit IPA I did as below and even

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
: Re: [Freeipa-users] client setup failure On 03/29/2011 03:26 PM, Steven Jones wrote: Hi, The DNS is in AD so it cant be set to suit IPA I did as below and even with --force your script ignores these flags, it insists on doing AD lookups and gets the AD infoand obviously the cert

Re: [Freeipa-users] replica install failure....

2011-03-29 Thread Steven Jones
The ipv6 wasnt right I guess. I have added the host's name into that line.will retry. regards From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 8:43 a.m. To: Steven Jones Cc: Martin Kosek; freeipa-users@redhat.com Subject: Re

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure Steven Jones wrote: What do I put in the python script as a work around? https://www.redhat.com/archives/freeipa-devel/2011-March/msg00227.html regards

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
I used --force as wellit still ignores it regards From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 8:58 a.m. To: Steven Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
Hi, My Windows person suggests because this is a self signed cert, the client needs to be forced to trust it? regards Steven From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 2:50 a.m. To: Steven Jones Cc: freeipa-users

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
tmp]# So the client isnt appearing in the IPA web gui.so its a total failure to join... regards From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:03 a.m. To: Steven Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
So I need 2 certificates? and I have to manually add the root CA with certutil? to the IPA master as a separate process? regards From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:05 a.m. To: Steven Jones Cc: freeipa-users

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
What patch? and how do I apply it? From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:16 a.m. To: Steven Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure Steven Jones wrote

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
+73bwrgyOzwwAGyQVYBIqQxTc2Ya6GD2xDeTUNZ sdNMKhYDnJGXmJIjFQRBP513m/2yMg02NQZk/4Bq6KBbEoU= -END CERTIFICATE- From: Rich Megginson [rmegg...@redhat.com] Sent: Wednesday, 30 March 2011 9:04 a.m. To: Steven Jones Cc: Rob Crittenden; freeipa-users@redhat.com

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
is possible? regards From: Rich Megginson [rmegg...@redhat.com] Sent: Wednesday, 30 March 2011 9:27 a.m. To: Steven Jones Cc: Rob Crittenden; freeipa-users@redhat.com Subject: Re: [Freeipa-users] AD setup failure On 03/29/2011 02:14 PM, Steven Jones wrote: So I

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
/YA5Wa/6wyiyIjTSO5xbQ4AaqQhGgyxWwPxkmAMLelPz+5ihYvJdi2/Z gUNBujHSAm6yJj5jWd/Y1tfCcF0YJj5cmBFRWaRSExeAdOuQiQ== -END CERTIFICATE- From: Rich Megginson [rmegg...@redhat.com] Sent: Wednesday, 30 March 2011 9:36 a.m. To: Steven Jones Cc: Rob Crittenden

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
Hi, I get certutil: function failed: security library: bad database. From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:49 a.m. To: Steven Jones Cc: Rich Megginson; freeipa-users@redhat.com Subject: Re: [Freeipa-users] AD setup

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
My windows person tells me that this cert is the root one, which apparently has no permissions to do anything... regards From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:49 a.m. To: Steven Jones Cc: Rich Megginson; freeipa-users

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
uh, this is a AD 2003 domain, so this stuff only works with 2008 AD? regards From: Rich Megginson [rmegg...@redhat.com] Sent: Wednesday, 30 March 2011 9:36 a.m. To: Steven Jones Cc: Rob Crittenden; freeipa-users@redhat.com Subject: Re: [Freeipa-users] AD

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:24 a.m. To: Steven Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure Steven Jones wrote: What patch? and how do I apply

Re: [Freeipa-users] AD setup failure

2011-03-29 Thread Steven Jones
Same failure message From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 9:57 a.m. To: Steven Jones Cc: Rich Megginson; freeipa-users@redhat.com Subject: Re: [Freeipa-users] AD setup failure Steven Jones wrote: Hi, I get

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
[rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 10:06 a.m. To: Steven Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup failure Steven Jones wrote: From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday

Re: [Freeipa-users] client setup failure

2011-03-29 Thread Steven Jones
is stupidity IMHO. F15 itself is alpha codecrazy regards Steven From: Rob Crittenden [rcrit...@redhat.com] Sent: Wednesday, 30 March 2011 10:23 a.m. To: Steven Jones Cc: d...@redhat.com; freeipa-users@redhat.com Subject: Re: [Freeipa-users] client setup

[Freeipa-users] 6.1 beta

2011-04-03 Thread Steven Jones
Hi, This has IPA 2.0 rcX server and client in it? regards Steven ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] 6.1 beta

2011-04-03 Thread Steven Jones
ooohhh Think I can answer that myself! ipa-server-2.0.0-16.el6.x86_64 :D regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Steven Jones [steven.jo...@vuw.ac.nz] Sent: Monday, 4 April 2011 9:29 a.m. To: d

Re: [Freeipa-users] 6.1 beta

2011-04-07 Thread Steven Jones
8- Just to elaborate on Dmitri's comments. In addition to the IPA client and server packages that are included in the RHEL6.1 beta channel, there will be a separate RHEL add-on channel, Enterprise Identity Replication. That add-on channel will contain ds-replication and the Windows sync

Re: [Freeipa-users] 6.1 beta

2011-04-07 Thread Steven Jones
: Friday, 8 April 2011 10:21 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] 6.1 beta On 04/07/2011 05:32 PM, Steven Jones wrote: 8- Just to elaborate on Dmitri's comments. In addition to the IPA client and server packages that are included in the RHEL6.1 beta channel

  1   2   3   4   5   6   7   >