Re: [CentOS] FreeIPA on Centos 6
> > datacenters? > Bingo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
On Wed, Jun 27, 2012 at 11:15 AM, Boris Epstein wrote: > On Wed, Jun 27, 2012 at 2:39 AM, James Hogarth >wrote: > > > > Named segfaulted here and there, and when the master instance failed, > > > takeover didn't work for whatever reason. > > > > > > > I have four IPAs replicating together across two DCs with full DNS and CA > > integration plus using it for sudo management as well fully stable. > > > > Have never seen the behaviour you describe and there is no 'master' to > take > > over from since it is multi master so no take over even exists much > > less is required > > ___ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > > Thanks. What's DC in this context? > > Boris. > datacenters? -- groeten, natxo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
On Wed, Jun 27, 2012 at 2:39 AM, James Hogarth wrote: > > Named segfaulted here and there, and when the master instance failed, > > takeover didn't work for whatever reason. > > > > I have four IPAs replicating together across two DCs with full DNS and CA > integration plus using it for sudo management as well fully stable. > > Have never seen the behaviour you describe and there is no 'master' to take > over from since it is multi master so no take over even exists much > less is required > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Thanks. What's DC in this context? Boris. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
On Wed, Jun 27, 2012 at 8:39 AM, James Hogarth wrote: > > Named segfaulted here and there, and when the master instance failed, > > takeover didn't work for whatever reason. > > > > I have four IPAs replicating together across two DCs with full DNS and CA > integration plus using it for sudo management as well fully stable. > > Have never seen the behaviour you describe and there is no 'master' to take > over from since it is multi master so no take over even exists much > less is required > +1. IPA is a very nice addition to the linux environment. And getting better all the time :-) Finally we can deploy a secure, trusted network without having to hack 20 different software pieces together. TUV has really nailed this one. -- groet, natxo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
> Is there a HOWTO for this somewhere? Sounds like a very useful setup All the docs needed to set up that bit can be found on docs.redhat.com ... the identity management guide in the rhel6 section. I've written some more advanced guides on the freeipa wiki (look at how tos under documentation) covering Apache auth against IPA and IPA for httpd certificate management... will soon add my kvm/libvirt/vnc authentication against IPA doc as well - just waiting on feedback before adding it to the how to section. If there are any specific how tos you'd like to see on there feel free to suggest... and always feel free to ping me... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
On 06/27/2012 06:39 PM, James Hogarth wrote: Named segfaulted here and there, and when the master instance failed, takeover didn't work for whatever reason. I have four IPAs replicating together across two DCs with full DNS and CA integration plus using it for sudo management as well fully stable. Have never seen the behaviour you describe and there is no 'master' to take over from since it is multi master so no take over even exists much less is required __ Is there a HOWTO for this somewhere? Sounds like a very useful setup. _ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
> Named segfaulted here and there, and when the master instance failed, > takeover didn't work for whatever reason. > I have four IPAs replicating together across two DCs with full DNS and CA integration plus using it for sudo management as well fully stable. Have never seen the behaviour you describe and there is no 'master' to take over from since it is multi master so no take over even exists much less is required ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
2012/6/26 James Hogarth : >> >> Is anybody using http://freeipa.org on a CentOS 6 server? Is it working >> well? >> > > Yes and yes I suggest checking out the FreeIPA mailing list and > IRC channel if you have any trouble as you'll find quite a few people > there. > > As a heads up IPA 2.2 will be coming in CentOS 6.3 which includes SSH > key maintenance in IPA and form based authentication for when you > don't have a kerberos token to pass to the IPA interface. Hi, deployed it at work, two (kvm) instances for HA, with DNS. Named segfaulted here and there, and when the master instance failed, takeover didn't work for whatever reason. A really nice piece of software i'd have liked to continue to use, but not yet prod ready imho. I guess I'll have another look after 6.3. HTH, Laurent. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FreeIPA on Centos 6
> > Is anybody using http://freeipa.org on a CentOS 6 server? Is it working > well? > Yes and yes I suggest checking out the FreeIPA mailing list and IRC channel if you have any trouble as you'll find quite a few people there. As a heads up IPA 2.2 will be coming in CentOS 6.3 which includes SSH key maintenance in IPA and form based authentication for when you don't have a kerberos token to pass to the IPA interface. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] FreeIPA on Centos 6
Hello all, Is anybody using http://freeipa.org on a CentOS 6 server? Is it working well? Thanks. Boris. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
