Attached is a patch to handle the ipa-replica-conncheck issue. It
should be applied on top of your patch.
Essentially, the fix is as follows:
A. If the DS_PORT = 7389, then we pass --check-ca in the
ipa-replica-conncheck to be executed on the master.
a1. If the master is ipa 2.x, this will prompt
Hi,
this is something that felt between the cracks. Some time ago we
introduced a new objectclass ipaIDobject to allow objects to have an
UID, GID or SID which are basically no users or groups. The DNA plugin
should be aware of this new objectclass which is fix by the first patch.
The second patc
This changes the way IPA generates CRLs for new installs only.
The first master installed is configured as the CRL generator. An entry
is added to cn=masters that designates it.
When a replica is installed it queries this entry so it knows where to
forward CRL requests. CRL files are not avai
On 10/04/2012 01:41 PM, Adam Tkac wrote:
On Thu, Oct 04, 2012 at 10:31:24AM +0200, Petr Spacek wrote:
Hello,
Use NOTAUTH and REFUSED response codes for dynamic updates rather
than SERVFAIL.
SERVFAIL is still sent if PTR synchronization is enabled but
impossible for some rea
On 10/04/2012 01:44 PM, Adam Tkac wrote:
On Thu, Oct 04, 2012 at 09:49:03AM +0200, Petr Spacek wrote:
Hello,
Fix memory leaks in dynamic update PTR synchronization.
During settings code refactoring I found several ugly memory leaks
in sync_ptr handling.
Ack
Pushed to master:
cfa827718610ff
Hi,
two attached patches attempt to solve
https://fedorahosted.org/freeipa/ticket/3103
We cannot make educated guess where trusted domain's DNS server is
located as we ended up with NotFound exception precisely because we were
unable to discover trusted domain's domain controller location.
Thu
On 10/04/2012 04:48 PM, Alexander Bokovoy wrote:
> On Thu, 04 Oct 2012, Martin Kosek wrote:
>> On 09/25/2012 04:30 PM, Alexander Bokovoy wrote:
>>> Hi,
>>>
>>> I did have bug filed against python-ldap in January and for some reason
>>> my patch to accomodate two ways of making LDAP controls was not
On Thu, 04 Oct 2012, Martin Kosek wrote:
On 09/25/2012 04:30 PM, Alexander Bokovoy wrote:
Hi,
I did have bug filed against python-ldap in January and for some reason
my patch to accomodate two ways of making LDAP controls was not included
in March 2012 when I presented it as part of trusts, but
On Thu, Oct 04, 2012 at 09:49:03AM +0200, Petr Spacek wrote:
> Hello,
>
> Fix memory leaks in dynamic update PTR synchronization.
>
> During settings code refactoring I found several ugly memory leaks
> in sync_ptr handling.
Ack
> From 690008eb1fb6f340c735150f21a8d30a244e14bf Mon Sep 17 00:00:0
On Thu, Oct 04, 2012 at 10:31:24AM +0200, Petr Spacek wrote:
> Hello,
>
> Use NOTAUTH and REFUSED response codes for dynamic updates rather
> than SERVFAIL.
>
> SERVFAIL is still sent if PTR synchronization is enabled but
> impossible for some reason.
>
> This change should make
On 09/25/2012 04:30 PM, Alexander Bokovoy wrote:
> Hi,
>
> I did have bug filed against python-ldap in January and for some reason
> my patch to accomodate two ways of making LDAP controls was not included
> in March 2012 when I presented it as part of trusts, but yesterday we
> found it is really
On 10/04/2012 11:54 AM, Alexander Bokovoy wrote:
> On Thu, 04 Oct 2012, Sumit Bose wrote:
>> Hi,
>>
>> this patch fixes unattended installation for ipa-adtrust-install and
>> ticket https://fedorahosted.org/freeipa/ticket/3023 .
> ACK. Thanks!
>
Pushed to master, ipa-3-0.
Martin
___
On Thu, 04 Oct 2012, Sumit Bose wrote:
On Thu, Oct 04, 2012 at 12:39:07PM +0300, Alexander Bokovoy wrote:
On Thu, 04 Oct 2012, Sumit Bose wrote:
>On Thu, Oct 04, 2012 at 12:13:57PM +0300, Alexander Bokovoy wrote:
>>On Thu, 04 Oct 2012, Sumit Bose wrote:
>>>Hi,
>>>
>>>this patch tries to avoid th
Hi,
this patch should fix the reopend
https://fedorahosted.org/freeipa/ticket/3019 .
bye,
Sumit
From 4bd788af75f04371e6f8b974340433b41bd4f8e2 Mon Sep 17 00:00:00 2001
From: Sumit Bose
Date: Thu, 4 Oct 2012 12:40:33 +0200
Subject: [PATCH] ipa-adtrust-install: print list of needed SRV records
If
On Thu, Oct 04, 2012 at 12:39:07PM +0300, Alexander Bokovoy wrote:
> On Thu, 04 Oct 2012, Sumit Bose wrote:
> >On Thu, Oct 04, 2012 at 12:13:57PM +0300, Alexander Bokovoy wrote:
> >>On Thu, 04 Oct 2012, Sumit Bose wrote:
> >>>Hi,
> >>>
> >>>this patch tries to avoid the ldapmodiy error messages dur
On Thu, 04 Oct 2012, Sumit Bose wrote:
Hi,
this patch fixes unattended installation for ipa-adtrust-install and
ticket https://fedorahosted.org/freeipa/ticket/3023 .
ACK. Thanks!
--
/ Alexander Bokovoy
___
Freeipa-devel mailing list
Freeipa-devel@re
Hi,
this patch fixes unattended installation for ipa-adtrust-install and
ticket https://fedorahosted.org/freeipa/ticket/3023 .
bye,
Sumit
From 4a4532e8d57cf76c39f2d9483683edee01648f2f Mon Sep 17 00:00:00 2001
From: Sumit Bose
Date: Thu, 4 Oct 2012 11:37:45 +0200
Subject: [PATCH] ipa-adtrust-inst
On Thu, 04 Oct 2012, Sumit Bose wrote:
On Thu, Oct 04, 2012 at 12:13:57PM +0300, Alexander Bokovoy wrote:
On Thu, 04 Oct 2012, Sumit Bose wrote:
>Hi,
>
>this patch tries to avoid the ldapmodiy error messages during
>ipa-adtrust-install by checking if the related object already exists.
>Fixes htt
On Thu, Oct 04, 2012 at 12:13:57PM +0300, Alexander Bokovoy wrote:
> On Thu, 04 Oct 2012, Sumit Bose wrote:
> >Hi,
> >
> >this patch tries to avoid the ldapmodiy error messages during
> >ipa-adtrust-install by checking if the related object already exists.
> >Fixes https://fedorahosted.org/freeipa/
On Thu, 04 Oct 2012, Sumit Bose wrote:
Hi,
this patch tries to avoid the ldapmodiy error messages during
ipa-adtrust-install by checking if the related object already exists.
Fixes https://fedorahosted.org/freeipa/ticket/3012 .
In general -- ACK for the approach. However, I wonder if you could
On 10/03/2012 07:27 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/03/2012 03:31 PM, Tomas Babej wrote:
On 10/02/2012 08:48 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 09/26/2012 09:32 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Connection error message in ipa-client-install n
Hello,
Use NOTAUTH and REFUSED response codes for dynamic updates rather
than SERVFAIL.
SERVFAIL is still sent if PTR synchronization is enabled but
impossible for some reason.
This change should make dynamic updates debugging simpler.
--
Petr^2 Spacek
From bff8bc688c61717df67d
Hi,
this patch tries to avoid the ldapmodiy error messages during
ipa-adtrust-install by checking if the related object already exists.
Fixes https://fedorahosted.org/freeipa/ticket/3012 .
bye,
Sumit
From e2412c162fb4eeab6db280a207002ccba31be2d8 Mon Sep 17 00:00:00 2001
From: Sumit Bose
Date: Th
Hello,
Fix memory leaks in dynamic update PTR synchronization.
During settings code refactoring I found several ugly memory leaks in sync_ptr
handling.
--
Petr^2 Spacek
From 690008eb1fb6f340c735150f21a8d30a244e14bf Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: Thu, 4 Oct 2012 09:46:25 +02
24 matches
Mail list logo