Dmitri Pal wrote:
> On 07/20/2014 06:37 PM, Rob Crittenden wrote:
>> sergey ivanov wrote:
>>> Dear IPA developers, I'd like to describe what we are doing and ask
>>> about existing ways to do it easier, or if there is no such ways - to
>>> propose creating some tools to ease such way of migration.
On 07/20/2014 06:37 PM, Rob Crittenden wrote:
sergey ivanov wrote:
Dear IPA developers, I'd like to describe what we are doing and ask
about existing ways to do it easier, or if there is no such ways - to
propose creating some tools to ease such way of migration.
We are preparing for migration
sergey ivanov wrote:
> Dear IPA developers, I'd like to describe what we are doing and ask
> about existing ways to do it easier, or if there is no such ways - to
> propose creating some tools to ease such way of migration.
>
> We are preparing for migration to IPA. In our organization we were
> u
On Thu, Feb 21, 2013 at 03:07:10PM +0100, Han Boetes wrote:
> This is what you have to do to enable sudo support while using freeipa: I
> got it all from
> sssd-sudo(5).
>
> # yum install libsss_sudo
>
> Add this line to /etc/nsswitch.conf
>
> sudoers: files sss
>
> Edit /etc/sssd/sssd.conf
On 02/24/2012 01:59 PM, Dan Scott wrote:
On Fri, Feb 24, 2012 at 15:48, Rich Megginson wrote:
On 02/24/2012 01:34 PM, Dan Scott wrote:
On Fri, Feb 24, 2012 at 13:43, Rob Crittendenwrote:
Dan Scott wrote:
Hi,
I have an idea for a new feature. I've been having a lot of problems
with repli
On Fri, Feb 24, 2012 at 15:48, Rich Megginson wrote:
> On 02/24/2012 01:34 PM, Dan Scott wrote:
>>
>> On Fri, Feb 24, 2012 at 13:43, Rob Crittenden wrote:
>>>
>>> Dan Scott wrote:
Hi,
I have an idea for a new feature. I've been having a lot of problems
with replication re
On 02/24/2012 01:34 PM, Dan Scott wrote:
On Fri, Feb 24, 2012 at 13:43, Rob Crittenden wrote:
Dan Scott wrote:
Hi,
I have an idea for a new feature. I've been having a lot of problems
with replication recently and I think the following would be useful.
Can we show the replication status of t
On Fri, Feb 24, 2012 at 13:43, Rob Crittenden wrote:
> Dan Scott wrote:
>>
>> Hi,
>>
>> I have an idea for a new feature. I've been having a lot of problems
>> with replication recently and I think the following would be useful.
>>
>> Can we show the replication status of the masters/replicas? And
Dan Scott wrote:
Hi,
I have an idea for a new feature. I've been having a lot of problems
with replication recently and I think the following would be useful.
Can we show the replication status of the masters/replicas? And also
show whether they contain a CA?
Something like:
ipa-replica-manag
James Roman wrote:
>
> From what I can see it looks like the missing piece would be the ability
> to look up tac_plus user->group assignments from the FreeIPA/389 LDAP
> server. It looks like tac_plus has ""integrated"" the authentication
> with LDAP via PAM, but not the authorization. When buildi
James Roman wrote:
>
>>>
>>> From both a network and a security point of view, TACACS+ is
>>> considered preferable to RADIUS; among other benefits, it enciphers
>>> the entire conversation, rather than just portions of it, and can
>>> provide more fine-grain authorization than RADIUS. Most Cisco
On 08/25/2010 11:22 AM, James Roman wrote:
The more practical solution which may be available to you would be to
avail yourself of the PAM integration in the tac_plus project (but to
be honest I don't see how that would give you any of the sophisticated
features you cite as being a prime motivato
From both a network and a security point of view, TACACS+ is
considered preferable to RADIUS; among other benefits, it enciphers
the entire conversation, rather than just portions of it, and can
provide more fine-grain authorization than RADIUS. Most Cisco shops
I've encountered consider RADIU
On 08/25/2010 08:21 AM, david klein wrote:
On Wed, Aug 25, 2010 at 6:50 AM, John Dennis wrote:
On 08/24/2010 11:22 PM, david klein wrote:
Sorry to those who have already seen this; I posted to the wrong
mailing list (the -interest mailing list instead of the -users list).
As an NMS engineer,
On Wed, Aug 25, 2010 at 6:50 AM, John Dennis wrote:
> On 08/24/2010 11:22 PM, david klein wrote:
>>
>> Sorry to those who have already seen this; I posted to the wrong
>> mailing list (the -interest mailing list instead of the -users list).
>>
>> As an NMS engineer, I have a use for integrated TAC
On 08/24/2010 11:22 PM, david klein wrote:
Sorry to those who have already seen this; I posted to the wrong
mailing list (the -interest mailing list instead of the -users list).
As an NMS engineer, I have a use for integrated TACACS+ with a unified
identity solution, so that the same account nam
16 matches
Mail list logo
