[Freeipa-users] Dynamic DNS for DHCP clients using FreeIPA

Hi, I'm trying to get ISC dhcp clients to register dynamically against FreeIPA's DNS server. I have had this working before, now After a system crash, and reinstall, all I get are timeout errors when a device is assigned an IP. The DHCP server configuration has not changed, and I generate a new

[Freeipa-users] Solaris client proxyDN logins not working

Configuring a Solaris 11.3 system as a FreeIPA client. I've read various articles, mail list archives, and pages found on google trying to figure out how to properly make this work. So far, I've only gotten the ability to do su - u...@domain.tld and check getent passwd/group. This successfully

[Freeipa-users] Re: IPA sudo rules CentOS 6 vs CentOS 7

On Wed, Sep 13, 2017 at 11:05:25PM +0300, Alexander Bokovoy via FreeIPA-users wrote: > On ke, 13 syys 2017, Mark Haney via FreeIPA-users wrote: > > On 09/13/2017 03:44 PM, Răzvan Corneliu C.R. VILT via FreeIPA-users wrote: > > > Hi Mark, > > > > > > Not all CentOS releases are created equal.

[Freeipa-users] Re: IPA sudo rules CentOS 6 vs CentOS 7

On ke, 13 syys 2017, Mark Haney via FreeIPA-users wrote: On 09/13/2017 03:44 PM, Răzvan Corneliu C.R. VILT via FreeIPA-users wrote: Hi Mark, Not all CentOS releases are created equal. Support for Sudo appeared later in IPA and you’ll probably need to update sssd and ipa-client. The one in 6.8

[Freeipa-users] Re: IPA sudo rules CentOS 6 vs CentOS 7

On 09/13/2017 03:44 PM, Răzvan Corneliu C.R. VILT via FreeIPA-users wrote: Hi Mark, Not all CentOS releases are created equal. Support for Sudo appeared later in IPA and you’ll probably need to update sssd and ipa-client. The one in 6.8 should work fine. I’ve recently enrolled a few rhel 6.4

[Freeipa-users] Re: IPA sudo rules CentOS 6 vs CentOS 7

Hi Mark, Not all CentOS releases are created equal. Support for Sudo appeared later in IPA and you’ll probably need to update sssd and ipa-client. The one in 6.8 should work fine. I’ve recently enrolled a few rhel 6.4 servers and noticed the same thing but everything was solved after doing a

[Freeipa-users] IPA sudo rules CentOS 6 vs CentOS 7

One of my biggest projects is to use ansible to kill OpenLDAP clients on our production servers and install ipa-client and configured.  I'm probably 95% there with automating the process (still trying to figure out what pam_ldap crap is floating around after uninstalling those packages and

[Freeipa-users] Sudo Rules out of sync?!

ipa users, I am running the https://github.com/peterpakos/ipa_check_consistency and seeing my rule counts are out of sync, is there a process to force these to replicate? It seems only sudo rules are out of sync at this time, new hosts replicating properly. ipa-server-install --version

[Freeipa-users] Re: Request failed with status 500: Non-2xx response from CA REST API: 500. - pki-tomcatd fails to start

Hi all, certmonger is restarted; "ipa-getcert resubmit -i 20170129002024"  will thown in an error in /var/log/pki/pki-tomcat/ca/debug: [13/Sep/2017:16:13:37][ajp-nio-127.0.0.1-8009-exec-1]: CertProcessor: no profile policy set found Policy Set