[Freeipa-users] Is it possible to Disable BAD Password from IPA Configs

2015-03-24 Thread Yogesh Sharma
=* *passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass use_authtok* *passwordsufficientpam_sss.so use_authtok* *passwordrequired pam_deny.so* [root@cipa vagrant]# *Best Regards,__* *Yogesh Sharma* -- Manage your

[Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
Regards,__* *Yogesh Sharma* -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
15:03 browserconfig.html [root@ldap-inf-stg-sg1-01 ipa]# *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Wed, Mar 25, 2015 at 12:29 PM, Yogesh Sharma yks0...@gmail.com wrote: I have

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
Any suggestion Please. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Wed, Mar

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
Hi Martin, Finally, the issue has resolved. :) Is there RPM available to install latest IPA version in CentOS or at least 4.0.2 version. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
Thanks Martin for the help. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Wed

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
, basedn=dc=sd,dc=int Will try changing the Realm and see if it resovled. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
I have tried on multiple Platform. Setup the nisdomain and it is resolving, though it is getting the same error. Any help would be helpful. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http

Re: [Freeipa-users] Configuration of client side components failed! on IPA Server

2015-03-25 Thread Yogesh Sharma
,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Wed, Mar 25, 2015 at 6:10 PM, Martin Kosek mko...@redhat.com wrote

[Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-26 Thread Yogesh Sharma
sshd[11575]: reverse mapping checking getaddrinfo for del-static-50-237-16-61.direct.net.in [61.16.237.50] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 26 10:11:58 ldap-inf-stg-sg1-01 sshd[11576]: Connection closed by 61.16.237.50 *Best Regards,__* *Yogesh

Re: [Freeipa-users] IPA Client using Source Code

2015-03-30 Thread Yogesh Sharma
Sure. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Mon, Mar 30, 2015 at 3:05

[Freeipa-users] IPA Client using Source Code

2015-03-30 Thread Yogesh Sharma
directory `/root/freeipa-1.2.1/ipa-client' make: *** [all] Error 2 *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http

Re: [Freeipa-users] IPA Client using Source Code

2015-03-30 Thread Yogesh Sharma
as of now. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Mon, Mar 30, 2015 at 2

Re: [Freeipa-users] IPA Client using Source Code

2015-03-30 Thread Yogesh Sharma
Thanks Sir. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Mon, Mar 30, 2015

Re: [Freeipa-users] IPA Client using Source Code

2015-03-31 Thread Yogesh Sharma
Yes Petr. Support Case has already been opened with them. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http

Re: [Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-27 Thread Yogesh Sharma
): received: [0][sd.int] Apologies of using bold letters. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http

Re: [Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-27 Thread Yogesh Sharma
No. This is the second attempt after changing the password on first login. If you want I can re-send you the logs but this is the second login logs of this user. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web

[Freeipa-users] IPA Client Install on Amazon Linux

2015-03-27 Thread Yogesh Sharma
,__* *Yogesh Sharma* -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] IPA Client Install on Amazon Linux

2015-03-29 Thread Yogesh Sharma
Thanks Gonzalo. Appreciate your help here, Let me try this. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma
/ca.crt [sssd] services = nss, pam, ssh config_file_version = 2 domains = stg.initd.com [nss] debug_level = 6 [pam] [sudo] [autofs] [ssh] [pac] *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma
individually. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Mon, Mar 23, 2015 at 4:18 PM

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma
. Restart of SSSD also does not fix the problem. Should I share my SSSD logs of IPA server or Client or Both. Please suggest. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE

Re: [Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-26 Thread Yogesh Sharma
Hi Jakub, SSSD prompted to change the password. After changing the password, when we try to ssh again using the new password, it failed. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http

Re: [Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-26 Thread Yogesh Sharma
This message is coming as user is trying to login for first time. IPA Admin has set a password and when user try to login it will prompt to change. sssd log it as password expired. *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0

Re: [Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-26 Thread Yogesh Sharma
125.63.90.34 -sh-4.1$ *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Thu, Mar 26

Re: [Freeipa-users] Not able to SSH with User Created in IPA Server

2015-03-26 Thread Yogesh Sharma
] *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http://in.linkedin.com/in/yks On Thu, Mar 26, 2015 at 7:10

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma
(sipa.stg.initd.com,-,stg.initd.com) [root@cipa ~]# *Best Regards,__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in* RHCE, VCE-CIA, RackSpace Cloud U [image: My LinkedIn Profile] http

[Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma
this. *Best Regards,__* *Yogesh Sharma* -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] IPA User Group Auto membership

2015-08-16 Thread Yogesh Sharma
Same is working when I use userclass instead of title as because options to set title is available only after creating user where as we can set the userclass while creating user from UI. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0

Re: [Freeipa-users] Public Key Authentication Failing

2015-08-19 Thread Yogesh Sharma
Re-Enrolling the server has fixed it, but what has caused this, is still an issue. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified

[Freeipa-users] Public Key Authentication Failing

2015-08-18 Thread Yogesh Sharma
for reply debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we did not send a packet, disable method debug1: Next authentication method: password *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com

Re: [Freeipa-users] Public Key Authentication Failing

2015-08-18 Thread Yogesh Sharma
] (0x0080): Could not parse domain SID from [(null)] (Wed Aug 19 01:22:24 2015) [sssd[be[klikpay.int]]] [sdap_idmap_domain_has_algorithmic_mapping] (0x0080): Could not parse domain SID from [(null)] *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com

Re: [Freeipa-users] Public Key Authentication Failing + Failed to Authenticate New User with Public Key

2015-08-19 Thread Yogesh Sharma
Any suggestion please. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com

Re: [Freeipa-users] Question on FreeIPA OpenSSH PubKey Authentication

2015-08-22 Thread Yogesh Sharma
Thanks Alex for your Inputs. On my point 2, it happens for freeipa (ldap) users only. If I create a local user, it works perfectly. Will dig more into this. -Yogesh Sharma (Sent from my HTC) On 20-Aug-2015 7:05 pm, Alexander Bokovoy aboko...@redhat.com wrote: On Thu, 20 Aug 2015, Yogesh

Re: [Freeipa-users] Registering Amazon Linux instance remotely

2015-08-22 Thread Yogesh Sharma
. -Yogesh Sharma (Sent from my HTC) On 22-Aug-2015 10:03 pm, NitrouZ dewangg...@xtremenitro.org wrote: Hello! Have you assign security groups to your ipa server and client? By default, Amazon will accept only ssh (port 22) and icmp. And if you want static public IP address, go to Elastic IP

[Freeipa-users] FreeIPA user Home Directory Permission Issue

2015-08-23 Thread Yogesh Sharma
to make it 700. Please suggest. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

2015-08-23 Thread Yogesh Sharma
Typo: Umask set is 0077, then the permission should be 700, though we are getting 755. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified

[Freeipa-users] Question on FreeIPA OpenSSH PubKey Authentication

2015-08-20 Thread Yogesh Sharma
/sss_ssh_knownhostsproxy -p %p %h A suggestion can really help us moving forward. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified

[Freeipa-users] Error while Enrolling Client

2015-08-11 Thread Yogesh Sharma
: Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket not yet valid) *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http

Re: [Freeipa-users] Error while Enrolling Client

2015-08-11 Thread Yogesh Sharma
config changes required? *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com/in/yks

[Freeipa-users] IPA Server Replication Info

2015-08-13 Thread Yogesh Sharma
,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com/in/yks https://twitter.com/checkwithyogesh http://google.com

Re: [Freeipa-users] PTR record not adding to IPA DNS

2015-08-14 Thread Yogesh Sharma
Forward zone: initd.int Reverse: 32.16.172.in-addr.arpa. https://ipa-inf-prd-ng2-01.klikpay.int/ipa/ui/#32.16.172.in-addr.arpa. CIDR of our DHCP: 172.16.32.0/20 *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web

Re: [Freeipa-users] PTR record not adding to IPA DNS

2015-08-14 Thread Yogesh Sharma
, idnsrecord *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com/in/yks https

[Freeipa-users] Sudo Rule Not working with UserGroup

2015-08-14 Thread Yogesh Sharma
Hi, We have moved to next step and working to configuring the Sudo Rule. When we add individual users to sudo rules, it works perfectly. However as soon as we add usergroup to sudo rules, It stop working. *Best Regards,* *__* *Yogesh Sharma* *Email

[Freeipa-users] IPA Client Unattended Registration Issue

2015-08-14 Thread Yogesh Sharma
failed. Rolling back changes. IPA client is not configured on this system. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https

Re: [Freeipa-users] IPA Server Replication Info

2015-08-14 Thread Yogesh Sharma
Thanks Jakub. From your answer 2, would both DNS will work as Master if we use IPA DNS. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U

Re: [Freeipa-users] Sudo Rule Not working with UserGroup

2015-08-14 Thread Yogesh Sharma
It has started working. Not sure what happened, but seems to be issue with cache time out again. Thanks Jakub. I will update more if I am able to replicate the issue again. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com

Re: [Freeipa-users] IPA Server Replication Info

2015-08-14 Thread Yogesh Sharma
Okay. So both the DNS is Master. Thanks Jakub, this can be closed. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https

[Freeipa-users] IPA User Group Auto membership

2015-08-15 Thread Yogesh Sharma
, DBA II etc, However it is not working. We have tested the regex, and it seems to be working while testing it. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA

Re: [Freeipa-users] IPA User Group Auto membership

2015-08-15 Thread Yogesh Sharma
Hi Rob, My concern was for new entries only. -Yogesh Sharma (Sent from my HTC) On 15-Aug-2015 7:40 pm, Rob Crittenden rcrit...@redhat.com wrote: Yogesh Sharma wrote: Team,, We are having issue in configuring Auto Membership for Usergroup i.e. when ever we add/update a user to IPA

Re: [Freeipa-users] Error while Enrolling Client

2015-08-12 Thread Yogesh Sharma
Thanks Jakub/Lukas, Setting the right cache timeout fix the issue. man sssd-sudo really helped us. Thanks again for the suggestion. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in

Re: [Freeipa-users] PTR record not adding to IPA DNS

2015-08-14 Thread Yogesh Sharma
Thanks Martin. Redhat Rock :) *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com

Re: [Freeipa-users] IPA Client Unattended Registration Issue

2015-08-14 Thread Yogesh Sharma
Thanks Martin, This works and apologies for not confirming the solution. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https

Re: [Freeipa-users] IPA Client Unattended Registration Issue

2015-08-14 Thread Yogesh Sharma
Thanks Martin, It worked. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* https://www.fb.com/yks http://in.linkedin.com

[Freeipa-users] PTR record not adding to IPA DNS

2015-08-14 Thread Yogesh Sharma
Hi, Upon client registration , PTR records are not getting added to reverse Zone in IPA DNS. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U

Re: [Freeipa-users] Multiple Reverse (PTR) Zone

2015-10-29 Thread Yogesh Sharma
Sure Petr. Will go through it. Thanks for Sharing. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www

[Freeipa-users] Multiple Reverse (PTR) Zone

2015-10-29 Thread Yogesh Sharma
ng. *Best Regards,* *__________* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks> <http://in.linkedin.com/in/yks> <https://t

Re: [Freeipa-users] Multiple Reverse (PTR) Zone

2015-10-30 Thread Yogesh Sharma
Thanks it is resolved. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks> <h

[Freeipa-users] IPA Replication not working for User and DNS

2015-10-30 Thread Yogesh Sharma
cn=replica,cn=dc\=klikpay\,dc\=int,cn=mapping tree,cn=config [ipa-inf-prd-ng2-01.klikpay.int] reports: Update failed! Status: [-1 - LDAP error: Can't contact LDAP server] *Best Regards,* *______* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com&g

Re: [Freeipa-users] IPA Replication not working for User and DNS

2015-11-01 Thread Yogesh Sharma
://google.com/+YogeshSharmaOnGooglePlus> On Mon, Nov 2, 2015 at 11:24 AM, Yogesh Sharma <yks0...@gmail.com> wrote: > Tried to re-enroll the replica however, getting the same error, though I > am able to connect to server. > > = > > Starting replication, please wait unti

Re: [Freeipa-users] IPA Replication not working for User and DNS

2015-11-01 Thread Yogesh Sharma
Listening: [root@ipa-inf-prd-ng2-02 ~]# telnet ipa-inf-prd-ng2-01.klikpay.int 636 Trying 172.16.32.10... Connected to ipa-inf-prd-ng2-01.klikpay.int. Escape character is '^]'. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <y

Re: [Freeipa-users] IPA Replication not working for User and DNS

2015-10-30 Thread Yogesh Sharma
686 from slave to master and vice versa. -Yogesh Sharma (Sent from my HTC) On 30-Oct-2015 7:06 pm, "Rob Crittenden" <rcrit...@redhat.com> wrote: > Martin Basti wrote: > > > > > > On 30.10.2015 11:54, Yogesh Sharma wrote: > >> Additionally, On Replica UI,

Re: [Freeipa-users] IPA Replication not working for User and DNS

2015-11-02 Thread Yogesh Sharma
rds,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks> <http://in.linkedin.com/in/yks> <https

Re: [Freeipa-users] IPA Replication not working for User and DNS

2015-10-30 Thread Yogesh Sharma
Additionally, On Replica UI, I am getting below Error Message: IPA Error 4301: CertificateOperationError Certificate operation cannot be completed: Unable to communicate with CMS (Not Found) *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com

Re: [Freeipa-users] IPA Replication not working for User and DNS

2015-11-03 Thread Yogesh Sharma
ngelog namingContexts: dc=klikpay,dc=int namingContexts: o=ipaca # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [root@ipa-inf-prd-ng2-02 ~]# *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.c

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

2015-08-25 Thread Yogesh Sharma
Hi Simo, We are usingsession optional *pam_oddjob_mkhomedir*.so umask=0077 *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

2015-08-25 Thread Yogesh Sharma
Hi Simo, We are usingsession optional *pam_oddjob_mkhomedir*.so umask=0077 and included in password-auth-ac and password-auth *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

2015-08-31 Thread Yogesh Sharma
Thanks Simo and Jakub. -Yogesh Sharma (Sent from my HTC) On 31-Aug-2015 5:10 pm, "Jakub Hrozek" <jhro...@redhat.com> wrote: > On Tue, Aug 25, 2015 at 09:42:44AM -0400, Simo Sorce wrote: > > On Tue, 2015-08-25 at 15:30 +0530, Yogesh Sharma wrote: > > >

Re: [Freeipa-users] FreeIPA Sudo Error: Resource temporarily unavailable

2015-09-01 Thread Yogesh Sharma
Even the users details are not coming: [root@btservice-mysql-prd-ng2-01 sssd]# id vg4381 id: vg4381: No such user [root@btservice-mysql-prd-ng2-01 sssd]# getent passwd vg4381 [root@btservice-mysql-prd-ng2-01 sssd]# *Best Regards,* *__* *Yogesh Sharma

Re: [Freeipa-users] FreeIPA Sudo Error: Resource temporarily unavailable

2015-09-01 Thread Yogesh Sharma
Hi, This is fixed. On digging more found that my resolv.conf was updated and it was not able to find the domain. Fixing the resolv.conf with right nameserver, fixed the issue. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <y

[Freeipa-users] FreeIPA Sudo Error: Resource temporarily unavailable

2015-09-01 Thread Yogesh Sharma
rom_cache] (0x0400): Returning 1 rules for [vg4...@klikpay.int] (Tue Sep 1 17:00:01 2015) [sssd[sudo]] [sss_dp_req_destructor] (0x0400): Deleting request: [0x407380:0:1:vg4...@klikpay.int] *Best Regards,* *______* *Yogesh Sharma* *Email: yks0...@gmail

[Freeipa-users] Need Suggestion on Multi Realm Environment

2016-01-07 Thread Yogesh Sharma
d_config Client configuration complete. Would be helpful I can get some reference as how can we do it. *Best Regards,* *______* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE

Re: [Freeipa-users] Need Suggestion on Multi Realm Environment

2016-01-07 Thread Yogesh Sharma
gards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks> <http://in.linkedin.com/in/yks

[Freeipa-users] Two Factor = SSHKeys + OTP or Password

2015-12-22 Thread Yogesh Sharma
,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks> <http://in.linkedin.com/in/yks> <https://twitter.com/checkwithyogesh> <http://goo

Re: [Freeipa-users] Two Factor = SSHKeys + OTP or Password

2015-12-23 Thread Yogesh Sharma
Thanks. After upgrading the openssh to 6.1 and using AuthenticationMethod, it works. -Yogesh Sharma (Sent from my HTC) On 22-Dec-2015 8:51 pm, "Sumit Bose" <sb...@redhat.com> wrote: > On Tue, Dec 22, 2015 at 06:51:25PM +0530, Yogesh Sharma wrote: > > Hi List, > &

[Freeipa-users] IPA Users enable to run Cron

2016-01-11 Thread Yogesh Sharma
to troubleshoot it further at our end. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks> <h

Re: [Freeipa-users] IPA Users enable to run Cron

2016-01-11 Thread Yogesh Sharma
HBAC has "Any Service" enabled, However, while doing HBAC Test, I am getting Access Denied. Checking it. Thanks for the suggestion. Any further suggestion would be helpful. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0

[Freeipa-users] UNABLE TO SEARCH HBAC RULE

2016-01-20 Thread Yogesh Sharma
, then login is failing. Please suggest what we need to do so that HBAC admin can search the HBAC rule in FreeIPA rule. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/&

Re: [Freeipa-users] Unable to search HBAC Rule

2016-01-20 Thread Yogesh Sharma
Hi Martin, FreeIPA version 4.1.0 Will look into the Workaround. Thanks *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certif