On Thu, May 25, 2017 at 04:55:16PM -0400, Jake via FreeIPA-users wrote:
> Hey Guys,
>
> Centos7.3
> FreeIPA 4.4.0
>
>
> I'm having a strange issue with cross-realm tickets that I'm having a hard
> time troubleshooting. it looks similar to an issue posted back in 2014.
> https://www.redhat.c
Hello all!
My config is
VERSION: 4.4.0, API_VERSION: 2.213
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-514.16.1.el7.x86_64
Architecture: x86-64
For load test purpose i wrote script to automate user-creation in freeipa.
On 26.05.2017 12:12, a.matveev--- via FreeIPA-users wrote:
Hello all!
My config is
VERSION: 4.4.0, API_VERSION: 2.213
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-514.16.1.el7.x86_64
Architecture: x86-64
For load
example.org forest on its own, trusted by ipa.example.com and example.com (full
forest trust)
- Original Message -
From: "freeipa-users"
To: "freeipa-users"
Cc: "Sumit Bose"
Sent: Friday, May 26, 2017 4:13:49 AM
Subject: [Freeipa-users]Re: Illegal cross-realm ticket
On Thu, May 25, 20
Rob Foehl via FreeIPA-users wrote:
> On Fri, 26 May 2017, Fraser Tweedale wrote:
>
>> What is the validity of the leaf certificates? Is the notAfter time
>> of the leaf certificate pegged to the notAfter time of the CA
>> certificate? If so, this is (IMO) a bug.
>
> The leaf certs' expiration i
On Thu, 2017-05-25 at 16:55 -0400, Jake via FreeIPA-users wrote:
> Hey Guys,
>
> Centos7.3
> FreeIPA 4.4.0
>
>
> I'm having a strange issue with cross-realm tickets that I'm having a
> hard time troubleshooting. it looks similar to an issue posted back
> in 2014. https://www.redhat.com/archives
Thank you very much for taking the time on IRC to learn me. Part of the issue
is I did not include all the necessary information to diagnose the issue.
I have multiple subdomains that are joined to ipa.example.com, which are under
example.com (ad realm)
This requires me to add a custom routes
On Tue, May 16, 2017 at 11:30:25AM +0200, Ronald Wimmer wrote:
> On 2017-05-15 21:27, Jakub Hrozek wrote:
> > [...]
> >
> > On Mon, May 15, 2017 at 03:54:22PM +0200, Ronald Wimmer wrote:
> > > Hi,
> > >
> > > I am confronted with a behaviour for which I do not have an explanation
> > > for.
> >
You are welcome, perhaps this is something that we need to make easier
to discover with a tool or something.
We can't necessarily automaticaly add random domains, but definitely
make it easy for the admin to find out via some diagnostics.
One thing came to mind after we solved this. You may be abl
Hi,
I have experienced named stopping unexpectedly from time to time. After moving
to RHEL 7 the I made use of a handy feature in systemd, “Restart=always”, to
make sure named is kept alive.
This has kept named alive for me, and I was wondering if this perhaps would be
a useful addition to th
On Fri, May 26, 2017 at 12:59:23PM -0400, Simo Sorce via FreeIPA-users wrote:
> You are welcome, perhaps this is something that we need to make easier
> to discover with a tool or something.
> We can't necessarily automaticaly add random domains, but definitely
> make it easy for the admin to find
Actually, I had that TXT record so ¯\_(ツ)_/¯
- Original Message -
From: "Simo Sorce"
To: "Jake"
Cc: "freeipa-users"
Sent: Friday, May 26, 2017 12:59:23 PM
Subject: [SOLVED] Re: [Freeipa-users] Illegal cross-realm ticket
You are welcome, perhaps this is something that we need to make ea
`ipa realmdomains-show` lists all domains already, so that isn't used for some
reason.
- Original Message -
From: "freeipa-users"
To: "freeipa-users"
Cc: "Sumit Bose"
Sent: Friday, May 26, 2017 1:14:18 PM
Subject: [Freeipa-users]Re: [SOLVED] Re: Illegal cross-realm ticket
On Fri, May
On Fri, May 26, 2017 at 01:30:36PM -0400, Jake wrote:
> `ipa realmdomains-show` lists all domains already, so that isn't used for
> some reason.
oops, looks likes SSSD does not read those entries, I added
https://pagure.io/SSSD/sssd/issue/3412 to track this.
bye,
Sumit
>
> - Original Messa
Hi,
At the risk of smelling like a thread hijack; I’m experiencing the same issue
on one server (Fedora 25), but on all others it’s fine. I don’t think this is a
‘normal’ issue that should be ‘fixed’ by restarting named-pkcs11 all the time.
I tend to check for known issues (and solutions) on thi
15 matches
Mail list logo
