Re: Status update for the new AAA system

2021-03-05 Thread Kevin Fenzi
On Fri, Mar 05, 2021 at 11:02:54AM -, Aurelien Bompard wrote: > An update again! > > We've sent an email to folks that have an account in both Fedora & CentOS but > registered with different email addresses. If that's your case, please choose > one address for both accounts, it'll help us

Re: Status update for the new AAA system

2021-03-05 Thread Aurelien Bompard
An update again! We've sent an email to folks that have an account in both Fedora & CentOS but registered with different email addresses. If that's your case, please choose one address for both accounts, it'll help us migrate. We are now in the middle of the final sprint for production

Re: Status update for the new AAA system

2021-02-18 Thread Aurelien Bompard
Hey folks! Some update since last time: - we re-ran the import script with the suggested optimisation, it was faster but still took about 52 hours, so we'll run an incremental updater until we go to prod. There are still ways we can cut down on the number of imported accounts (not importing

Re: Status update for the new AAA system

2021-02-05 Thread Kevin Fenzi
On Fri, Feb 05, 2021 at 09:49:57AM -, Aurelien Bompard wrote: > > Do you need the compat tree or NIS? slapi-nis and compat tree require > > additional > > resources. You can disable the features with ipa-compat-manage and > > ipa-nis-manage > > commands. You need to disable them on each

Re: Status update for the new AAA system

2021-02-05 Thread Aurelien Bompard
> Alexander Bokovoy created the feature > https://github.com/SSSD/sssd/issues/5482. Once > implemented you will be able to Kerberos check authentication indicators like > OTP from a > PAM service. Yeah, this seems like the way to go, thanks. > You have a couple of options to speed up migration

Re: Status update for the new AAA system

2021-02-05 Thread Christian Heimes
Hi Aurelien, > - The infra team wants to do a couple things that FreeIPA does not support > out of the box, > like enforcing 2FA for specific services such as sudo, so we need to think > about how we > want to do it. Alexander Bokovoy created the feature

Re: Status update for the new AAA system

2021-02-04 Thread Stephen John Smoogen
On Thu, 4 Feb 2021 at 11:37, Vít Ondruch wrote: > > On 04. 02. 21 at 15:52, Aurelien Bompard wrote: > > Hey folks! > > > > As you've probably heard before, we're upgrading our authentication > system to something that is based on FreeIPA. > > Here's a quick status report on that initiative. >

Re: Status update for the new AAA system

2021-02-04 Thread Vít Ondruch
On 04. 02. 21 at 15:52, Aurelien Bompard wrote: Hey folks! As you've probably heard before, we're upgrading our authentication system to something that is based on FreeIPA. Here's a quick status report on that initiative. Thx for the update! We're currently in an integration phase,