Anyone have any suggestions to using the auto member function in IPA? I've
tried to set it up so if a server is enrolled by a user called build then it
should add it to a specific server group. I put in an inclusive rule and the
expression is just build, but it doesn't work. Do I need to
On Apr 30, 2013, at 9:30 AM, John Moyer
john.mo...@digitalreasoning.commailto:john.mo...@digitalreasoning.com wrote:
Anyone have any suggestions to using the auto member function in IPA? I've
tried to set it up so if a server is enrolled by a user called build then it
should add it to a
Yep, enrolledby is what I'm using, but I have been adding them manually since
it hasn't been working.
Thanks,
_
John Moyer
On Apr 30, 2013, at 1:21 PM, JR Aquino jr.aqu...@citrix.com wrote:
On Apr 30, 2013, at 9:30 AM, John Moyer
One thing to add is that this build user only has the following access:
Host Administrators
Host enrollment
Would he need more access to do the membership? My original thought was that
technically the user is not doing the addition to the group it's the system
technically doing it so there
On Apr 30, 2013, at 10:43 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
One thing to add is that this build user only has the following access:
Host Administrators
Host enrollment
Would he need more access to do the membership? My original thought was that
technically the
Not a problem, here is the output
ipa automember-find --type=hostgroup
---
1 rules matched
---
Automember Rule: test-group
Inclusive Regex: enrolledby=build
Number of entries returned 1
Thanks,
On 04/30/2013 10:48 AM, JR Aquino wrote:
On Apr 30, 2013, at 10:43 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
One thing to add is that this build user only has the following access:
Host Administrators
Host enrollment
Would he need more access to do the membership? My original
On Apr 30, 2013, at 10:52 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
Not a problem, here is the output
ipa automember-find --type=hostgroup
---
1 rules matched
---
Automember Rule: test-group
Inclusive Regex: enrolledby=build
It comes back with a ton of stuff the row you are probably interested in is
this one:
enrolledby: uid=build,cn=users,cn=accounts,dc=example,dc=com
Thanks,
_
John Moyer
On Apr 30, 2013, at 1:57 PM, JR Aquino jr.aqu...@citrix.com wrote:
On
On Apr 30, 2013, at 11:02 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
It comes back with a ton of stuff the row you are probably interested in is
this one:
enrolledby: uid=build,cn=users,cn=accounts,dc=example,dc=com
Bingo!
Ok, try to adjust your automember rule.
Delete your
I tried adding it in addition to the current rule and that didn't work. I then
deleted the old rule to only leave the rule with the full name
(uid=build,cn=users,cn=accounts,dc=example,dc=com) and that didn't work either.
This is the new output of that command you had me run earlier:
ipa
On Apr 30, 2013, at 11:12 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
I tried adding it in addition to the current rule and that didn't work. I
then deleted the old rule to only leave the rule with the full name
(uid=build,cn=users,cn=accounts,dc=example,dc=com) and that didn't
On Apr 30, 2013, at 11:23 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
Ha! I tried .*build and build.* before contacting you guys, I didn't try
.*build.*
That worked, it automatically added the machine to the group!
Thanks! That will save me s much time!
Not a
On 04/30/2013 02:17 PM, JR Aquino wrote:
On Apr 30, 2013, at 11:12 AM, John Moyer john.mo...@digitalreasoning.com
wrote:
I tried adding it in addition to the current rule and that didn't work. I
then deleted the old rule to only leave the rule with the full name
So I must have looked at the wrong server name, I just tried to add 4 more
servers and none of them worked. Anymore ideas? The target is specified by
the rule name test-group is the target.
Thanks,
_
John Moyer
On Apr 30, 2013, at
I've got about 30mins before I get into my next meeting.
Are you able to hop into IRC in Freenode to work in realtime on #freeipa?
Keeping your head in the cloud
~
Jr Aquino | Sr. Information Security Specialist
GXPN | GIAC Exploit Researcher and Advanced
16 matches
Mail list logo