Sorry for the noise, I did some backtracking in the mailing list
archives and found a conversation from December 2015 regarding the same
issue with a nice bugzilla attached
https://bugzilla.redhat.com/show_bug.cgi?id=1287092, I'll try to work
around the issue with group nesting.
/andreas
On
Hi Aleksander and Tomas, thanks for quick responses!
I find trust-based solution more advanced but also more complicated - two
sites, one with FreeIPA and other with AD domain, limited communication
from FreeIPA to AD site, FreeIPA not aware of AD sites, questionable use of
RODCs and Kerberos whic
On Tue, 27 Oct 2015, Tomas Babej wrote:
On 10/27/2015 05:51 PM, Srdjan Dutina wrote:
Hi!
Hello Srdjan,
Is syncing (winsync) users and passwords from MS Active Directory
deprecated in FreeIPA 4.x?
If not, is there some documentation on how to use it?
Winsync synchronization is not depre
On 10/27/2015 05:51 PM, Srdjan Dutina wrote:
> Hi!
>
Hello Srdjan,
> Is syncing (winsync) users and passwords from MS Active Directory
> deprecated in FreeIPA 4.x?
> If not, is there some documentation on how to use it?
>
Winsync synchronization is not deprecated as of now, but we are trying
,
Level 8 Rankin Brown Building,
Wellington, NZ
6012
0064 4 463 6272
From: Rob Crittenden
Sent: Tuesday, 6 May 2014 1:57 a.m.
To: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync failure
Steven Jones wrote
Steven Jones wrote:
==
[vuwunicoipam002.ods.vuw.ac.nz] reports: Update failed! Status: [-1 Total
update abortedLDAP error: Can't contact LDAP server]
Failed to start replication
==
Any ideas why please? it looked like it transferred about 1900 odd records
then bombed out.
It sort o
On 03/14/2014 12:24 PM, Todd Maugh wrote:
I actually hadnt tried yet to sync from the top level directory
would I just leave the CN out to try that?
The cn=users? Yes.
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, March 14, 2014 11:12 AM
T
I actually hadnt tried yet to sync from the top level directory
would I just leave the CN out to try that?
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, March 14, 2014 11:12 AM
To: Todd Maugh; freeipa-users@redhat.com
Subject: Re: winsync agreem
On 03/14/2014 12:06 PM, Todd Maugh wrote:
I did find this similar request that I thought looked to be owned by Rich
Megginson
https://fedorahosted.org/389/ticket/460
Rich Can you shed any light on this, or the command I would use to winsync
multiple subtrees?
If you can't sync from the top
I did find this similar request that I thought looked to be owned by Rich
Megginson
https://fedorahosted.org/389/ticket/460
Rich Can you shed any light on this, or the command I would use to winsync
multiple subtrees?
From: freeipa-users-boun...@redha
On 02/27/2014 11:11 PM, Alexander Bokovoy wrote:
> On Thu, 27 Feb 2014, Michal Zacek wrote:
>> Hi,
>>
>> I have successfully completed agreement between Windows and IPA and it
>> works. When I create user in Windows, it's synchronized to IPA and when I
>> change something on IPA for this user, i
On Thu, 27 Feb 2014, Michal Zacek wrote:
Hi,
I have successfully completed agreement between Windows and IPA and
it works. When I create user in Windows, it's synchronized to IPA
and when I change something on IPA for this user, it's synchronized
back to Windows, but when I create *new* us
On 02/27/2014 05:01 PM, Michal Zacek wrote:
Hi,
I have successfully completed agreement between Windows and IPA and it
works. When I create user in Windows, it's synchronized to IPA and
when I change something on IPA for this user, it's synchronized back
to Windows, but when I create *new*
On 11/11/2013 03:42 PM, gflwqs gflwqs wrote:
Hi,
I have configured my IPA server to do a UNI sync fromWindows.
When i change some attribute on a synced user in IPA, for example the
initials attribute, my understanding from the manuals is that when the
next sync operation occurs my changes shoul
On 03/21/2013 12:37 PM, Joseph, Matthew (EXP) wrote:
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16
on a Red Hat 6.4 Server and I'm running into some issues trying to
get IPA to replicate to a Windows 2003 SP2 DC.
Here is the steps I took (I used the Red Hat
On 09/27/2012 05:50 PM, Steven Jones wrote:
8><
This and not bringing over all users because the user can have a sub-folder for
mobile phone sync so gets wiped by the previous bug we discussed are total show
stoppers for our IPA and RHEL desktop deployment,
This is a new one, perhaps
Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 28 September 2012 8:41 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/27/2012 02:38 PM, Steven Jones wrote:
> Its also a forest wide setting
Just to confirm - setting Max
8><
> This and not bringing over all users because the user can have a sub-folder
> for mobile phone sync so gets wiped by the previous bug we discussed are
> total show stoppers for our IPA and RHEL desktop deployment,
This is a new one, perhaps I missed it. If an AD user has a sub-fol
?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 28 September 2012 4:08 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re
_
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 28 September 2012 4:08 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement transferred users not going into
ipausers and existing users dropped from all their groups
On 09/26/2012 03:17 PM, St
September 2012 3:57 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
Unable to get this to work on win2k3r2 even with enterprise admin permissions.
What I have found is this which Im about to try,
1. Use adsiedit.msc to bind to any domain
[steven.jo...@vuw.ac.nz]
Sent: Thursday, 27 September 2012 3:57 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
Unable to get this to work on win2k3r2 even with enterprise admin permissions.
What I have found is this which Im about to try,
1. Use
On 09/26/2012 03:17 PM, Steven Jones wrote:
Is this expected?
Ticket #2324 AD Users synced to IPA server are not added to "ipausers" group
https://fedorahosted.org/freeipa/ticket/2324
By "existing users" do you mean existing users in IPA? Are these users
synced with entries in AD?
regards
26 September 2012 1:31 p.m.
To: Rich Megginson
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Megginson wrote:
On 09/25/2012 03:34 PM, Steven Jones wrote:
Hi,
I have set the filter size as 2 for the user and it makes no
difference
[natxo.ase...@gmail.com]
Sent: Thursday, 27 September 2012 2:04 a.m.
To: Rob Crittenden
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On Wed, Sep 26, 2012 at 5:46 AM, Rob Crittenden wrote:
>
> Steven Jones wrote:
>>
>>
On Wed, Sep 26, 2012 at 5:46 AM, Rob Crittenden wrote:
>
> Steven Jones wrote:
>>
>> Hi,
>>
>> I dont have a ldapmodify command for changing something in AD.
>>
>> I have increased the only scope I/we know about which is the return of
>> objects from a search inside the AD gui but that might be s
llington, NZ
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Wednesday, 26 September 2012 1:31 p.m.
To: Rich Megginson
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Meggin
eipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Megginson wrote:
> On 09/25/2012 03:34 PM, Steven Jones wrote:
>> Hi,
>>
>> I have set the filter size as 2 for the user and it makes no
>> difference.
> Where did you set this? In
Rich Megginson wrote:
On 09/25/2012 03:34 PM, Steven Jones wrote:
Hi,
I have set the filter size as 2 for the user and it makes no
difference.
Where did you set this? In IPA? In AD? If so, where? How?
What does "filter size" mean? To me, it means "the size of an LDAP
search filter in a
.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/24/2012 11:49 PM, Steven Jones wrote:
Hi,
Im confused here, has no one tried to winsync 2000+ users before?
Are there any docs on working around this limit?
Ive up'd the user to 2 but that s
0064 4 463 6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Wednesday, 26 September 2012 7:39 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
>
> From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
> behalf of Steven Jones [steven.jo...@vuw.ac.nz]
> Sent: Tuesday, 25 September 2012 3:17 p.m.
> Cc: freeipa-users@redhat.com
> Subject: Re: [Freeipa-use
t.com [freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Tuesday, 25 September 2012 3:17 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
I am trying to run this and getting search exceeded.
ldapsearch -xLLL -
eeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
I am trying to run this and getting search exceeded.
ldapsearch -xLLL -D -w -h -s sub -b
OU=VUW_Staff,DC=staff,DC=vuw,DC=ac,DC=nz "cn=*" dn > ad.dns.txt
Looks like I have 5900 AD users
Saturday, 22 September 2012 3:46 a.m.
To: d...@redhat.com
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/21/2012 09:18 AM, Dmitri Pal wrote:
> On 09/21/2012 11:07 AM, Rich Megginson wrote:
>> On 09/21/2012 09:04 AM, Dmitri Pal wrote:
>
-users-boun...@redhat.com] on
behalf of Rich Megginson [rmegg...@redhat.com]
Sent: Saturday, 22 September 2012 3:46 a.m.
To: d...@redhat.com
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/21/2012 09:18 AM, Dmitri Pal wrote:
> On 09/21/2012 11
rmegg...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported users, but there are 5700 of them but I only have
2000
t; It seems IPA has some sort of limit of searching it will only show
>>>>> the first 2k
>>>>> of user entries?
>>>>>
>>>>> regards
>>>>>
>>>>> Steven Jones
>>>>>
>>>>> Technical Specialist - Linux RHCE
>&g
6272
---
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imp
gt;
>>> regards
>>>
>>> Steven Jones
>>>
>>> Technical Specialist - Linux RHCE
>>>
>>> Victoria University, Wellington, NZ
>>>
>>> 0064 4 463 6272
>>>
>>> -------------------
>>>
>>> *From:* Rich Megginson [rmegg...@re
6272
---
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones
012 11:38 a.m.
> *To:* Steven Jones
> *Cc:* freeipa-users@redhat.com
> *Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
>
> On 09/20/2012 03:52 PM, Steven Jones wrote:
>> Hi,
>>
>> I have imported users, but there are 5700 of them but I only have 2000 w
: Friday, 21 September 2012 11:38 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported users, but there are 5700 of them but I only have 2000 which
corresponds to the view
*From:* freeipa-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Steven Jones
[steven.jo...@vuw.ac.nz]
*Sent:* Friday, 21 September 2012 8:44 a.m.
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
I have hundreds of disable
University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 21 September 2012 8:53 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 02:43 PM
6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Friday, 21 September 2012 8:56 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
I have hundreds of disable users in IPA now transferred from AD, is there a
quick/clean way to purge them from IPA?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
[freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Friday, 21 September 2012 8:53 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 04:44 PM, Steven Jones wrote:
I have hundreds of disable users in IPA now
Pal [d...@redhat.com]
Sent: Friday, 21 September 2012 8:56 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 04:54 PM, Dmitri Pal wrote:
On 09/20/2012 04:43 PM, Steven Jones wrote:
Some comments on the win sync agreement syntax.
Hi,
I&#
----------
>> *From:* freeipa-users-boun...@redhat.com
>> [freeipa-users-boun...@redhat.com] on behalf of Steven Jones
>> [steven.jo...@vuw.ac.nz]
>> *Sent:* Thursday, 20 September 2012 2:48 p.m.
>> *Cc:* freeipa-use
ven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
>
> *From:* freeipa-users-boun...@redhat.com
> [freeipa-users-boun...@redhat.com] on behalf of Steven Jones
> [steven.jo...@vuw.ac.nz]
> *S
---
*From:* freeipa-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Steven Jones
[steven.jo...@vuw.ac.nz]
*Sent:* Thursday, 20 September 2012 2:48 p.m.
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
it isn
On 09/20/2012 04:44 PM, Steven Jones wrote:
> I have hundreds of disable users in IPA now transferred from AD, is
> there a quick/clean way to purge them from IPA?
using ldapsearch to test the list and then ldapmodify to remove.
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
eptember 2012 2:48 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
it isnt,
Im doing a OU=VUW_Staff instead of cn=VUW_Staff and its mostly working except
Im also getting some "rubbish" so its looking like the import script/query to
AD i
I have hundreds of disable users in IPA now transferred from AD, is there a
quick/clean way to purge them from IPA?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
___
Freeipa-users mailin
4 463 6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Thursday, 20 September 2012 12:15 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA
: Thursday, 20 September 2012 11:03 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/19/2012 04:55 PM, Steven Jones wrote:
Hi,
Sample of errors log,
=
[17/Sep/2012:13:31:48 +1200] NSMMReplicationPlugin - changelog
4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 20 September 2012 11:03 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/19/2012 04:55 PM, Steven Jones wrote:
Hi,
Sample
m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 07:10 PM, Steven Jones wrote:
Hi,
I understand that I'll lose users that are cn=Staff_Admins,dc=etc
So the Q is why I am losing users in the --win-subtree
cn=VUW_S
64 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Wednesday, 19 September 2012 12:32 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 07:10 PM, Steven Jones wrote:
Hi,
I unde
Rich Megginson wrote:
On 09/17/2012 07:10 PM, Steven Jones wrote:
Hi,
I understand that I'll lose users that are cn=Staff_Admins,dc=etc
So the Q is why I am losing users in the --win-subtree
cn=VUW_Staff,dc= etc
This I dont understand
I have the -v already, anyway to make it very ve
Victoria University, Wellington, NZ
0064 4 463 6272
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Tuesday, 18 September 2012 12:47 p.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-user
RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Tuesday, 18 September 2012 12:47 p.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 06:
7 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 04:17 PM, Steven Jones wrote:
Hi,
I just tried to do a winsync agreement with specifying the AD point
as cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz as my
2012 11:37 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 04:17 PM, Steven Jones wrote:
Hi,
I just tried to do a winsync agreement with specifying the AD point as
cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz as
On 09/17/2012 04:17 PM, Steven Jones wrote:
Hi,
I just tried to do a winsync agreement with specifying the AD point as
cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz as my users are not
in the users folder but the VUW_Staff folder (at the same level) and
it wiped all IPA users that are also
Megginson [rmegg...@redhat.com]
Sent: Tuesday, 18 September 2012 9:43 a.m.
To: Steven Jones
Cc: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreements, mostly one way.
On 09/17/2012 03:34 PM, Steven Jones wrote:
Hi,
Im confused as section 8.4.5 page 182 first para
-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Dmitri Pal
[d...@redhat.com]
*Sent:* Tuesday, 18 September 2012 9:22 a.m.
*To:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreements, mostly one way.
On 09/17/2012 04:55 PM, Steven Jones wrote:
In
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Tuesday, 18 September 2012 9:22 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreements, mostly one way.
On 09/17/2012 04:55 PM, Steven
On 09/17/2012 04:55 PM, Steven Jones wrote:
> In section 8.4.5 it talks about making an agreement one way...which is
> mostly what I want, so everything incl password changes from AD to
> IPA. except I want account disabled / enabled to flow both ways.
>
> So if I do a
>
> ldapmodify -x -D "cn=di
On 09/14/2012 09:20 AM, Dmitri Pal wrote:
On 09/13/2012 08:10 PM, Steven Jones wrote:
=
Are there corresponding users in IPA where the IPA uid is the same as
the AD samaccountname of a user in the admin subtree?
=
I think the answer to that is yes.
"admin-steven" in IPA also exists in
On 09/13/2012 08:10 PM, Steven Jones wrote:
> =
> Are there corresponding users in IPA where the IPA uid is the same as
> the AD samaccountname of a user in the admin subtree?
> =
>
> I think the answer to that is yes.
>
> "admin-steven" in IPA also exists in AD as "admin-steven". So if
On 09/13/2012 06:10 PM, Steven Jones wrote:
=
Are there corresponding users in IPA where the IPA uid is the same as
the AD samaccountname of a user in the admin subtree?
=
I think the answer to that is yes.
"admin-steven" in IPA also exists in AD as "admin-steven". So if I had set
t
=
Are there corresponding users in IPA where the IPA uid is the same as
the AD samaccountname of a user in the admin subtree?
=
I think the answer to that is yes.
"admin-steven" in IPA also exists in AD as "admin-steven". So if I had set
the two to different names the one in IPA woul
RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 14 September 2012 11:15 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
On 09/13/2012 05:
versity, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 14 September 2012 11:15 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
On 09/13/2012 05:11 PM, Steven Jones wrote:
>
On 09/13/2012 05:11 PM, Steven Jones wrote:
Hi,
So I have 6.3 and just lost all my IPA users.
In production or in a test environment?
So anyone on 6.2/6.3 until they upgrade after December's 6.4 could lose all
their IPA users if they do a winsync agreement and dont twig to that option
being
Hi,
So I have 6.3 and just lost all my IPA users. So anyone on 6.2/6.3 until they
upgrade after December's 6.4 could lose all their IPA users if they do a
winsync agreement and dont twig to that option being essential if they dont
have a std AD. Not only that my admins are in a separate OU, s
463 6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Friday, 14 September 2012 8:53 a.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
Hi
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 14 September 2012 2:56 a.m.
To: Rob Crittenden
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-user
ialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Friday, 14 September 2012 12:30 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
Ste
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Friday, 14 September 2012 8:53 a.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
Hi,
Do you not think that maybe the winsync feature
Megginson [rmegg...@redhat.com]
Sent: Friday, 14 September 2012 2:56 a.m.
To: Rob Crittenden
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
On 09/13/2012 06:30 AM, Rob Crittenden wrote:
> Steven Jones wrote:
>> I just setup a winsync agreement e
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Friday, 14 September 2012 12:30 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync
On 09/13/2012 06:30 AM, Rob Crittenden wrote:
Steven Jones wrote:
I just setup a winsync agreement expect its wiped any IPA user that also
exists in AD.
Is this expected? if so how do I stop it doing that?
The 389-ds winsync plugin is deleting entries that appear to be out of
scope,
https:/
Steven Jones wrote:
I just setup a winsync agreement expect its wiped any IPA user that also
exists in AD.
Is this expected? if so how do I stop it doing that?
The 389-ds winsync plugin is deleting entries that appear to be out of
scope,
https://fedorahosted.org/freeipa/ticket/2927
rob
___
ellington, NZ
>
> 0064 4 463 6272
>
>
> From: Rich Megginson [rmegg...@redhat.com]
> Sent: Thursday, 26 July 2012 12:28 p.m.
> To: Steven Jones
> Cc: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] winsync msi
>
> On 07/25/2012 06:11
@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 06:11 PM, Steven Jones wrote:
> Hi,
>
> From a RH support case as I dont have access to the RDS channel.
We just updated the RHEL 6.3 downloads to have the RedHat-PassSync .msi
files.
>
> No, its doesn't allay my
E
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 11:59 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 02:41 PM, Steven Jones wrote:
Hi,
Ah ok, I
lington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 11:59 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 02:41 PM, Steven Jones wrote:
> Hi,
>
> Ah ok, I have the "official"
Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 1:58 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/24/2012 03:15 PM, Steven Jones wrote:
Hi Rich,
I can appreciate what you are saying, but
Not on Windows but specifically AD, the ve
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 1:58 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On
RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Wednesday, 25 July 2012 2:54 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 06:32 PM
: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 06:32 PM, Steven Jones wrote:
> Hi,
>
> No not specific developers but some sort of statement of ownership from
> RedHat I suppose. So they are I assume looking for some sort of confidence
> that it wo
Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 05:38 PM, Steven Jones wrote:
Hi,
For the winsync agreement my Windows and security teams want to know its
details,
eg who wrote it,
Red Hat - do you need to know the names of the developers?
it is Micr
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Tuesday, 24 July 2012 12:11 p.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 05:38 PM, Steven Jones
On 07/23/2012 05:38 PM, Steven Jones wrote:
Hi,
For the winsync agreement my Windows and security teams want to know its
details,
eg who wrote it,
Red Hat - do you need to know the names of the developers?
it is Microsoft certified etc.
Not that I know of - how would one go about doing th
On 03/11/2012 03:45 PM, Steven Jones wrote:
Hi,
If I have a winsync agreement from AD to IPA, and this does uni-directional
password from AD to IPA and for some reason this temporarily breaks, say a
network failure.
If you are talking about password sync from AD to IPA, and only that,
the
Steven Jones wrote:
Hi,
If I have a winsync agreement from AD to IPA, and this does uni-directional
password from AD to IPA and for some reason this temporarily breaks, say a
network failure.
winsync doesn't do password changes, passsync does.
1) Is there a time limit to -re-establish
On 03/09/2012 12:44 PM, Hemminger, Corey Lee.
[heco0...@stcloudstate.edu] wrote:
> I've installed fedora 16 and freeipa 2.1.4 and am trying to create the
> winsync to a AD2008 server per the documentation and I got to step
> 7.3. I used command:
>
> ipa-replica-manage connect --winsync --binddn
> c
1 - 100 of 103 matches
Mail list logo
