Chris Moody wrote:
> Hello.
>
> First wanted to thank everyone working hard to bring this awesome bundle
> of applications to market. This is a great project and I really
> appreciate the efforts.
>
> I need a hand with a new 4.4.3 install that I'm still trying to flesh
> out fully to support
Hello.
First wanted to thank everyone working hard to bring this awesome bundle
of applications to market. This is a great project and I really
appreciate the efforts.
I need a hand with a new 4.4.3 install that I'm still trying to flesh
out fully to support all the services I need.
I recently
On 10/17/2016 02:44 AM, 郑磊 wrote:
Hello everyone,
I'm using freeipa, and having a test and research with the function
of freeipa. At the same time, I have carried on the chinese translation
to the web interface, also added own function module in web interface.
However, For these changes I
On 17/10/16 02:44, 郑磊 wrote:
Hello everyone,
I'm using freeipa, and having a test and research with the function of
freeipa. At the same time, I have carried on the chinese translation to the
web interface, also added own function module in web interface. However, For
these changes I
Hello everyone,
I'm using freeipa, and having a test and research with the function of
freeipa. At the same time, I have carried on the chinese translation to the
web interface, also added own function module in web interface. However, For
these changes I don't know how to interact with
Hey Pavel,
Thanks for the reply! It's not exactly that I want to allow any command to
be run as app_user. The command I actually want to run is very long, and
complicated and wouldn't mean much in this context, so I simplified my
example. The problem is that *any command *I run will fail, wether
On 08/30/2016 05:08 PM, Ryan Whalen wrote:
Hi All,
Im having an issue getting a command to run properly, and the issue
seems to be with Freeipa sudo permissions. Specifically 'sudo su -
app_user -c ""' prompts for a password when run.
However if I 'sudo su - app_user' and then run the '' as
On 5.5.2016 18:39, Roderick Johnstone wrote:
> Hi
>
> I need to run some ipa commands in cron jobs.
>
> The post here:
> https://www.redhat.com/archives/freeipa-users/2014-March/msg00044.html
> suggests I need to use a keytab file to authenticate kerberos.
>
> I've tried the prescription there,
f you need to access the service account, then setup a sudo rule to
switch user to that account.
Example: "sudo su - svc_useradm"
-Mike
-Original Message-
From: Roderick Johnstone <r...@ast.cam.ac.uk>
Sent: May 5, 2016 12:39 PM
To: freeipa-users@redhat.com
Subject: [
From: Roderick Johnstone <r...@ast.cam.ac.uk>
Sent: May 5, 2016 12:39 PM
To: freeipa-users@redhat.com
Subject: [Freeipa-users] Help needed with keytabs
Hi
I need to run some ipa commands in cron jobs.
The post here:
https://www.redhat.com/archives/freeipa-users/2014-March/msg00044.h
sudo rule to switch
user to that account.
Example: "sudo su - svc_useradm"
-Mike
-Original Message-
>From: Roderick Johnstone <r...@ast.cam.ac.uk>
>Sent: May 5, 2016 12:39 PM
>To: freeipa-users@redhat.com
>Subject: [Freeipa-users] Help needed with keytabs
&g
Hi
I need to run some ipa commands in cron jobs.
The post here:
https://www.redhat.com/archives/freeipa-users/2014-March/msg00044.html
suggests I need to use a keytab file to authenticate kerberos.
I've tried the prescription there, with variations, without success.
My current testing
On Mon, May 02, 2016 at 06:13:42AM +0300, Ben .T.George wrote:
> HI All
>
> sudo rules got worked .actually i tried after 6 hours, what is the default
> time to get affect this rule affect normally, is there any way to manually
> pull changes from client?
see man sssd-sudo, there are
HI All
sudo rules got worked .actually i tried after 6 hours, what is the default
time to get affect this rule affect normally, is there any way to manually
pull changes from client?
Regards,
Ben
On Sun, May 1, 2016 at 11:46 PM, Ben .T.George
wrote:
> HI
>
> i have a
HI
i have a working setup of FreeIPA 4.3 with AD integrated, I can able to
apply HBAC rules and from client side it's working.
how can i apply sudo rules to that specific POSIX group.
i have created sample rue and added 2 commands put option as !authenticate
and attached this rule to client,
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
>> [root@als-centos0002 sys-ops]# nisdomainname
>> dakar.useast.hpcloud.net
>>
>> [root@als-centos0002 sys-ops]# getent netgroup opsauto
>> opsauto
>> (als-ubuntu0001.oa.ftc.hpelabs.net,-,eucalyptus.internal)
>> (als-centos0002.dakar.useast.hpcloud.net,-,eucalyptus.internal)
>
I still can't find the problem after a lot of searching, can someone give me a
little advice? Assembling a POC of FreeIPA 4.1.0 server (stock CentOS-7
packages) and a CentOS 6.7 server with their stock 3.0.0 packages. Sudo
version on the client is sudo-1.8.6p3.
Have created a general sudo
Sparks, Alan wrote:
> I still cant find the problem after a lot of searching, can someone
> give me a little advice? Assembling a POC of FreeIPA 4.1.0 server
> (stock CentOS-7 packages) and a CentOS 6.7 server with their stock 3.0.0
> packages. Sudo version on the client is sudo-1.8.6p3.
>
Sparks, Alan wrote:
>
>>> [root@als-centos0002 sys-ops]# nisdomainname
>>> dakar.useast.hpcloud.net
>>>
>>> [root@als-centos0002 sys-ops]# getent netgroup opsauto
>>> opsauto
>>> (als-ubuntu0001.oa.ftc.hpelabs.net,-,eucalyptus.internal)
>>>
Martin Kosek wrote:
On 06/01/2015 02:19 AM, Sina Owolabi wrote:
Hi!
I am still stumbling along with this, I have had my IPA domain
destroyed and currently only a CA-less replica is left running the
network.
The existing CA-less replica is on RHEL6.6 with ipa-3.0.0.
I am trying to setup a fresh
Thanks Martin, Rob,
but I think I am totally lost.. I was able to migrate-ds but I think
along the way I broke the replica. Errors I am seeing in the ipa
clients are like so:
Jun 2 16:33:11 ipaclient1 [sssd[ldap_child[27865]]]: Client
'host/ipaclient1.mydom@mydom.com' not found in Kerberos
Hi!
I am still stumbling along with this, I have had my IPA domain
destroyed and currently only a CA-less replica is left running the
network.
The existing CA-less replica is on RHEL6.6 with ipa-3.0.0.
I am trying to setup a fresh CA-master and I have exported the data in
the replica into ldif
Thank you for the reply Sumit - I will look into updating the version of
sssd. If that doesn't work, I will also try adding the
'sourceHostCategory' attribute to rules. Though, I would imagine I would
have to do this for *all* rules if I want them to work as intended. I'll
report back my
On Sat, Feb 14, 2015 at 12:52:10PM -0800, Andrew Egelhofer wrote:
Hi FreeIPA Users-
I've deployed a FreeIPA instance in my Lab, and enrolled a single host, and
a single user ('testuser'). The only HBAC rule I currently have is the
stock allow_all. Yet, when I attempt to log into the host via
Hi FreeIPA Users-
I've deployed a FreeIPA instance in my Lab, and enrolled a single host, and
a single user ('testuser'). The only HBAC rule I currently have is the
stock allow_all. Yet, when I attempt to log into the host via ssh, it
closes the connection.
$ ssh testuser@host
Warning:
On Fri, Jun 27, 2014 at 02:23:47PM -0400, Mark Gardner wrote:
Was trying to add an external ad group to IPA, it kept failing with unable
to connect to server.
Figured I'd reboot to clear things up. Oops.
Now wbinfo --online-status shows are AD as offline.
wbinfo -u shows blank
wbinfo
Was trying to add an external ad group to IPA, it kept failing with unable
to connect to server.
Figured I'd reboot to clear things up. Oops.
Now wbinfo --online-status shows are AD as offline.
wbinfo -u shows blank
wbinfo -n 'DOMAIN\user' gives the following message:
failed to call
.
Johan
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Mark Gardner [malek...@gmail.com]
Sent: Friday, June 27, 2014 20:23
To: freeipa-users
Subject: [Freeipa-users] Help: Rebooted IPA server and AD Trust shows offline
My Master IPA server has been lost,
My replica is still up and functioning.
what is the best way to proceed?
Do I rebuild my master and add it has a replica?
how do I get my master back in line with my IPA env?
the Master needs to be rebuilt from scratch
red hat 6.5 latest version of
On Thu, Mar 27, 2014 at 7:58 PM, Todd Maugh tma...@boingo.com wrote:
My Master IPA server has been lost,
My replica is still up and functioning.
what is the best way to proceed?
Do I rebuild my master and add it has a replica?
how do I get my master back in line with my IPA env?
Todd Maugh wrote:
My Master IPA server has been lost,
My replica is still up and functioning.
what is the best way to proceed?
Do I rebuild my master and add it has a replica?
how do I get my master back in line with my IPA env?
the Master needs to be rebuilt from scratch
red hat 6.5
On 07/17/2013 11:14 PM, Shapiro, Matthew E CTR DODHRA DMDC (US) wrote:
Hi ,
While running the ipa-client-install script on a RHEL 6.4 server, I get the
following output (please note the indicated line with the arrow):
[root@[hostname]]# ipa-client-install
Discovery was
On 07/05/13 22:04, Rob Crittenden wrote:
https://fedorahosted.org/freeipa/ticket/3364
rob
Thanks for poiting. It was the key.
Now I'm having other issues, but the kind of issues I use to like :)
Regards
--
Arturo Borrero González
Departamento de Seguridad Informática (n...@cica.es)
Centro
On 03/05/13 12:40, Arturo Borrero wrote:
Hi there!
In a freshly installed FreeIPA server, I try:
# ipa migrate-ds
LDAP URI: ldaps://ldap.example.com
Contraseña:
ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com':
LDAP Server Down
This is a related line I found in the
On 05/07/2013 07:53 AM, Arturo Borrero wrote:
On 03/05/13 12:40, Arturo Borrero wrote:
Hi there!
In a freshly installed FreeIPA server, I try:
# ipa migrate-ds
LDAP URI: ldaps://ldap.example.com
Contraseña:
ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com':
LDAP Server
Arturo Borrero wrote:
On 03/05/13 12:40, Arturo Borrero wrote:
Hi there!
In a freshly installed FreeIPA server, I try:
# ipa migrate-ds
LDAP URI: ldaps://ldap.example.com
Contraseña:
ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com':
LDAP Server Down
This is a related line I
Hi there!
In a freshly installed FreeIPA server, I try:
# ipa migrate-ds
LDAP URI: ldaps://ldap.example.com
Contraseña:
ipa: ERROR: no es posible conectar con u'ldaps://ldap.example.com': LDAP
Server Down
This is a related line I found in the logfile:
[Fri May 03 12:30:53 2013] [error] ipa:
Sorry for the late reply Steven - No, there is no firewall.
-Ben
From: steven.jo...@vuw.ac.nz
CC: freeipa-users@redhat.com
Date: Tue, 15 May 2012 21:04:04 +
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
firewall?
regards
Steven Jones
Technical Specialist - Linux RHCE
: rmegg...@redhat.com
To: ben1...@hotmail.com
CC: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
On 05/15/2012 02:49 PM, Ben Ho wrote:
This is the information I retrieved about my server.
ipa
@redhat.com
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
On 05/15/2012 02:49 PM, Ben Ho wrote:
This is the information I retrieved about my server.
*ipa-server-selinux-2.1.3-9.el6.x86_64*
*ipa-client-2.1.3-9.el6.x86_64*
*ipa-server-2.1.3-9.el6.x86_64*
*CentOS release
On Mon, 2012-05-14 at 19:11 -0400, Dmitri Pal wrote:
On 05/14/2012 05:25 PM, Chandan Kumar wrote:
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Thanks
Chandan
I am not sure but seems like something is not properly configured with
the browser.
I do not
:* Tuesday, 15 May 2012 9:25 a.m.
*To:* d...@redhat.com
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] Help regarding Basic FreeIPA setup
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Thanks
Chandan
On Mon, May 14, 2012 at 2:21 PM, Dmitri Pal d
...@redhat.com] on behalf of Chandan Kumar [
chandank.ku...@gmail.com]
*Sent:* Tuesday, 15 May 2012 9:25 a.m.
*To:* d...@redhat.com
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] Help regarding Basic FreeIPA setup
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Hello, I am pretty new to IPA. Right now I have three servers that are
running IPA. I am trying to replicate one server to two other servers. I use
this command:
ipa-replica-manage re-initialize --from example2.edu
On the first server I need to replicate, it works fine. However, on the
On 05/15/2012 01:00 PM, Ben Ho wrote:
Hello,
I am pretty new to IPA. Right now I have three servers that are
running IPA. I am trying to replicate one server to two other
servers. I use this command:
ipa-replica-manage re-initialize --from example2.edu
On the first server I need to
...@redhat.com] on
behalf of Chandan Kumar [chandank.ku...@gmail.com]
Sent: Tuesday, 15 May 2012 9:25 a.m.
To: d...@redhat.com
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Help regarding Basic FreeIPA setup
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Thanks
2012 8:49 a.m.
To: rmegg...@redhat.com
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
This is the information I retrieved about my server.
ipa-server-selinux-2.1.3-9.el6.x86_64
ipa-client-2.1.3-9.el6.x86_64
ipa-server-2.1.3-9.el6.x86_64
CentOS release 6.2
...@hotmail.com
CC: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
On 05/15/2012 01:00 PM, Ben Ho wrote:
Hello,
I am pretty new to IPA. Right now I have three servers
that are running IPA. I am
otherwise working?
-Ben
Date: Tue, 15 May 2012 13:15:46 -0600
From: rmegg...@redhat.com
To: ben1...@hotmail.com
CC: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Help with ipa-replica-manage
On 05/15/2012 01:00 PM, Ben Ho
On 05/14/2012 05:09 PM, Chandan Kumar wrote:
I am a newbie in IPA and was experimenting it on my couple of VMs
before considering it for production level.
Installation went fine, however, I am getting the kerberos key
expiration error at firefox. I am running firefox on the same machine
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Thanks
Chandan
On Mon, May 14, 2012 at 2:21 PM, Dmitri Pal d...@redhat.com wrote:
**
On 05/14/2012 05:09 PM, Chandan Kumar wrote:
I am a newbie in IPA and was experimenting it on my couple of VMs before
considering it for
On 05/14/2012 05:25 PM, Chandan Kumar wrote:
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Thanks
Chandan
I am not sure but seems like something is not properly configured with
the browser.
I do not remember seeing SPNEGO in the GSSAPI negotiation in this flow
on a
-users@redhat.com
Subject: Re: [Freeipa-users] Help regarding Basic FreeIPA setup
System: Centos 6.2
IPA version : ipa-server-2.1.3-9.el6.x86_64
Thanks
Chandan
On Mon, May 14, 2012 at 2:21 PM, Dmitri Pal
d...@redhat.commailto:d...@redhat.com wrote:
On 05/14/2012 05:09 PM, Chandan Kumar wrote:
I
On Thu, 2011-05-19 at 01:41 +, Steven Jones wrote:
I have an internal ajax error!
:(
the logs say,
Ping me later on IRC, I'd like you to run some commands, and it will be
easier done interactively.
Simo.
___
Freeipa-users mailing list
Steven Jones wrote:
I have an internal ajax error!
:(
the logs say,
[Thu May 19 09:59:35 2011] [notice] Apache/2.2.15 (Unix) DAV/2
mod_auth_kerb/5.4 mod_nss/2.2.15 NSS/3.12.9.0 mod_wsgi/3.2 Python/2.6.6
mod_perl/2.0.4 Perl/v5.10.1 configured -- resuming normal operations
jonesst1 [Thu
56 matches
Mail list logo