[Freeipa-users] Re: freeipa-client joins keep failing : Cannot find KDC for realm

My reply with the log output is pending moderator approval. -Chris On 1/16/18 1:11 PM, Rob Crittenden wrote: > Robbie Harwood via FreeIPA-users wrote: >> Chris Moody via FreeIPA-users >> writes: >> >>> 2018-01-15T21:55:24Z INFO Configured /etc/krb5.conf

[Freeipa-users] Re: freeipa-client joins keep failing : Cannot find KDC for realm

Robbie Harwood via FreeIPA-users wrote: > Chris Moody via FreeIPA-users > writes: > >> 2018-01-15T21:55:24Z INFO Configured /etc/krb5.conf for IPA realm >> IPA.XYZ.COM >> 2018-01-15T21:55:24Z DEBUG Starting external process >> 2018-01-15T21:55:24Z DEBUG

[Freeipa-users] Re: freeipa-client joins keep failing : Cannot find KDC for realm

On ti, 16 tammi 2018, Robbie Harwood via FreeIPA-users wrote: Chris Moody via FreeIPA-users writes: 2018-01-15T21:55:24Z INFO Configured /etc/krb5.conf for IPA realm IPA.XYZ.COM 2018-01-15T21:55:24Z DEBUG Starting external process 2018-01-15T21:55:24Z

[Freeipa-users] Re: FreeIPA NFS Automount with Kerberos troubleshooting help needed

Jobka Wohin writes: > so why is it working with the home folders then? > > i thought also this gets fixed by my manual systemctl restart rpc-gssd ? I'm not really sure, sorry. You might have more luck asking NFS folks? > if this is the error i think apparmor is

[Freeipa-users] Re: freeipa-client joins keep failing : Cannot find KDC for realm

Chris Moody via FreeIPA-users writes: > 2018-01-15T21:55:24Z INFO Configured /etc/krb5.conf for IPA realm > IPA.XYZ.COM > 2018-01-15T21:55:24Z DEBUG Starting external process > 2018-01-15T21:55:24Z DEBUG args=keyctl search @s user >

[Freeipa-users] Re: HBAC Lookups by host rather than user/group

Thank you for the information! I appreciate it. I'm assuming that feature in 1.16 won't be backported to 1.13.3, which is where some of our SOX/PCI servers live unfortunately. A server side reporting feature for this is obviously promising though. Thank you again for the links/info!

[Freeipa-users] Re: Get user ssh key instead of fingerprint.

Yes, This is what I needed. Thank You guys :) Best Maciej On Tue, Jan 16, 2018 at 11:08 AM, Sumit Bose via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > On Tue, Jan 16, 2018 at 10:53:21AM +0100, Maciej Drobniuch via > FreeIPA-users wrote: > > Hi all. > > > > Is there any way

[Freeipa-users] Re: Get user ssh key instead of fingerprint.

On ti, 16 tammi 2018, Maciej Drobniuch via FreeIPA-users wrote: Hi all. Is there any way to get the user's ssh key (not fingerprint) via console? Maybe LDAP? Or only via a https request ? Do you mean a public ssh key associated with a user with the help of 'ipa user-mod foo --sshpubkey=...'?

[Freeipa-users] Re: Get user ssh key instead of fingerprint.

On Tue, Jan 16, 2018 at 10:53:21AM +0100, Maciej Drobniuch via FreeIPA-users wrote: > Hi all. > > Is there any way to get the user's ssh key (not fingerprint) via console? if the key is store in IPA you can get the full key with ipa user-show --all username or sss_ssh_authorizedkeys