Re: [Freeipa-users] Web UI access from outside the home network via port forwarding

2016-07-14 Thread Christophe TREFOIS
Hi Jan, Cool doc. Thanks for writing it up! > On 14 Jul 2016, at 07:52, Jan Pazdziora wrote: > > On Mon, Jul 11, 2016 at 07:00:04PM -0700, Harry Kashouli wrote: >> >> I have a freeipa server set up, and would like to access the Web UI >> remotely (from outside my

Re: [Freeipa-users] Web UI access from outside the home network via port forwarding

2016-07-13 Thread Jan Pazdziora
On Mon, Jul 11, 2016 at 07:00:04PM -0700, Harry Kashouli wrote: > > I have a freeipa server set up, and would like to access the Web UI > remotely (from outside my home network). > > I set up a fresh Fedora 24 server install, and installed freeipa-server. > - I own a domain, domain.com > - The

Re: [Freeipa-users] Web UI access from outside the home network via port forwarding

2016-07-13 Thread Harry Kashouli
Thanks for all the info. I think I sorted out the rewrite rules now, and the error I get is "Secure Connection Failed. SSL_ERROR_UNRECOGNIZED_NAME_ALERT". I'm going to try and google this, since I'm assuming I need a ServerAlias somewhere. If someone knows the correct way, please let me know :)

Re: [Freeipa-users] Web UI access from outside the home network via port forwarding

2016-07-13 Thread Christophe TREFOIS
Hi Rob, On that note, how do you handle password changes / first time logins for users that are external to the organization? We need to create accounts for external partners, and expose the UI to the outside so that people can login and change their passwords / add their SSH keys. However,

Re: [Freeipa-users] Web UI access from outside the home network via port forwarding

2016-07-13 Thread Rob Crittenden
Harry Kashouli wrote: I tried uncommenting everything in the ipa-rewrite.conf file, but it still changed the web address. I'll try clearing the cache, in case that was still remembering the links. I may be attacking my original thought badly, if this is going to be bad for security. I'm wanting

Re: [Freeipa-users] Web UI access from outside the home network via port forwarding

2016-07-11 Thread Rob Crittenden
Harry Kashouli wrote: Hi all, I have a freeipa server set up, and would like to access the Web UI remotely (from outside my home network). I set up a fresh Fedora 24 server install, and installed freeipa-server. - I own a domain, domain.com - The hostname of my freeipa