On Thu, 27 Jan 2011 19:20:02 -0500
James Roman james.ro...@ssaihq.com wrote:
On 1/27/11 12:58 PM, Simo Sorce wrote:
On Wed, 2011-01-26 at 13:59 -0500, James Roman wrote:
So it looks like the replication password issue was a red herring
as far as the kerberos is concerned. I issued the
On 1/28/11 8:28 AM, Simo Sorce wrote:
On Thu, 27 Jan 2011 19:20:02 -0500
James Romanjames.ro...@ssaihq.com wrote:
On 1/27/11 12:58 PM, Simo Sorce wrote:
On Wed, 2011-01-26 at 13:59 -0500, James Roman wrote:
So it looks like the replication password issue was a red herring
as far as the
On Fri, 28 Jan 2011 09:20:37 -0500
James Roman james.ro...@ssaihq.com wrote:
OK. Now I feel like an idiot. I swear that was the first thing I
checked. It seems the password policy on this server was set at the
base, instead of cn=users. We have a script that reports on expiring
accounts in
On 01/28/2011 10:39 AM, Simo Sorce wrote:
Rirst of all.
I am glad this was resolved, it looked puzzling indeed.
I just want to note that we do not support using the DS password policy
in ipa as we already have the kerberos pw policy, that's why the uid=kdc
was not protected against it.
In v2
On Fri, 28 Jan 2011 17:39:14 -0500
James Roman james.ro...@ssaihq.com wrote:
On 01/28/2011 10:39 AM, Simo Sorce wrote:
Rirst of all.
I am glad this was resolved, it looked puzzling indeed.
I just want to note that we do not support using the DS password
policy in ipa as we already
On 1/27/11 12:58 PM, Simo Sorce wrote:
On Wed, 2011-01-26 at 13:59 -0500, James Roman wrote:
So it looks like the replication password issue was a red herring as
far as the kerberos is concerned. I issued the command
ipa-replica-manage synch ipaserver1.domain.com from the working ldap
replica
On 01/26/2011 09:32 AM, James Roman wrote:
Simo Sorce wrote:
On Tue, 25 Jan 2011 15:58:35 -0500
James Romanjames.ro...@ssaihq.com wrote:
On 1/25/11 2:44 PM, Simo Sorce wrote:
On Tue, 25 Jan 2011 14:33:14 -0500
James Romanjames.ro...@ssaihq.com wrote:
On 01/25/2011
I noticed today that one of our FreeIPA 1.2.2 servers has stopped
issuing tickets. When I attempt to restart all the IPA services the
krb5kdc service failed to restart with the following error:
krb5kdc: Unable to access Kerberos database - while initializing
database for realm DOMAIN.COM
I
On Tue, 25 Jan 2011 12:04:25 -0500
James Roman james.ro...@ssaihq.com wrote:
I noticed today that one of our FreeIPA 1.2.2 servers has stopped
issuing tickets. When I attempt to restart all the IPA services the
krb5kdc service failed to restart with the following error:
krb5kdc: Unable to
On 01/25/2011 01:58 PM, James Roman wrote:
On 1/25/11 2:44 PM, Simo Sorce wrote:
On Tue, 25 Jan 2011 14:33:14 -0500
James Romanjames.ro...@ssaihq.com wrote:
On 01/25/2011 12:42 PM, Simo Sorce wrote:
On Tue, 25 Jan 2011 12:04:25 -0500
James Romanjames.ro...@ssaihq.com wrote:
I noticed
On Tue, 25 Jan 2011 15:58:35 -0500
James Roman james.ro...@ssaihq.com wrote:
On 1/25/11 2:44 PM, Simo Sorce wrote:
On Tue, 25 Jan 2011 14:33:14 -0500
James Romanjames.ro...@ssaihq.com wrote:
On 01/25/2011 12:42 PM, Simo Sorce wrote:
On Tue, 25 Jan 2011 12:04:25 -0500
James
11 matches
Mail list logo
