[Freeipa-users] Re: new client setup

Florence,Thanks yeah I was able to telnet to port 389.  It was the TTL of the DNS records.  It finally flushed and worked. Cheers! On Tuesday, March 6, 2018 3:34 PM, Florence Blanc-Renaud via FreeIPA-users wrote: On 06/03/2018 21:39, Andrew Meyer

[Freeipa-users] Re: new client setup

On 06/03/2018 21:39, Andrew Meyer via FreeIPA-users wrote: I am trying to add another client in my main location and getting the following information: [user@freeipa01 ipa]$ sudo ipa-client-install --domain=stl1.example.net --realm=stl1.example.net --mkhomedir --enable-dns-updates Skip

[Freeipa-users] Re: new client setup

Andrew Meyer via FreeIPA-users wrote: > I am trying to add another client in my main location and getting the > following information: > [user@freeipa01 ipa]$ sudo ipa-client-install --domain=stl1.example.net > --realm=stl1.example.net --mkhomedir --enable-dns-updates > Skip

[Freeipa-users] new client setup

I am trying to add another client in my main location and getting the following information:[user@freeipa01 ipa]$ sudo ipa-client-install --domain=stl1.example.net --realm=stl1.example.net --mkhomedir --enable-dns-updatesSkip infra-test-ipa.example.net.stl1.example.net: LDAP server is not

[Freeipa-users] Re: CA server install on existing server fails - FreeIPA 4.5.0

Oh. I'm sorry I mis-understood. [jseekins@ops-freeipa-ops-1 ~]$ sudo yum list ipa-server [sudo] password for jseekins: Loaded plugins: amazon-id, rhui-lb, search-disabled-repos Installed Packages ipa-server.x86_64 4.5.0-22.el7_4

[Freeipa-users] Re: re-add a trust to AD => Local Security Authority is unable to obtain an RPC...

On 06/03/18 13:26, lejeczek via FreeIPA-users wrote: ... connection to the Active Directory Domain Controller Hi gents Would you know why this happens? I mean, it happens when I on AD DC remove a trust, then do trust-del on IPA, then go back to AD and try to add the "same" trust, then

[Freeipa-users] Re: error when promoting new client to replica

Agreed.  Going to try and get direct management to move forward w/ CentOS 7 up there.Thanks to you and your team for all their help.   FreeIPA is so awesome. On Tuesday, March 6, 2018 1:31 PM, Rob Crittenden via FreeIPA-users wrote: Andrew Meyer

[Freeipa-users] Re: error when promoting new client to replica

Andrew Meyer wrote: > We got it fixed.  But one of the servers became severely out of sync > causing other issues.  We got it fixed and replication is now working > once again.  Now it is just figuring out if we truly can use Amazon > Linux 2 as a FreeIPA replica or if we need to stick w/ CentOS

[Freeipa-users] Re: CA server install on existing server fails - FreeIPA 4.5.0

John Seekins wrote: > Rob, > Fraser did answer my question, but... > As the initial email topic notes, this is FreeIPA 4.5.0. And yes, I was > trying to convert from CA-less to CA-full install. > And Fraser found the exact problem I was running into. Right, Fraser fixed this upstream in master to

[Freeipa-users] Re: error when promoting new client to replica

We got it fixed.  But one of the servers became severely out of sync causing other issues.  We got it fixed and replication is now working once again.  Now it is just figuring out if we truly can use Amazon Linux 2 as a FreeIPA replica or if we need to stick w/ CentOS 7. On Tuesday, March

[Freeipa-users] Re: error when promoting new client to replica

Andrew Meyer via FreeIPA-users wrote: > After getting the feedback previously from the mailing list (thank you > for all your help) I have deployed a CentOS 7 image in AWS.  I was able > to add teh client machine to the FreeIPA domain.  The CentOS 7 instance > is a t2.medium which is a 2 proc by

[Freeipa-users] Re: CA server install on existing server fails - FreeIPA 4.5.0

Rob, Fraser did answer my question, but... As the initial email topic notes, this is FreeIPA 4.5.0. And yes, I was trying to convert from CA-less to CA-full install. And Fraser found the exact problem I was running into. On Tue, Mar 6, 2018 at 11:58 AM Rob Crittenden wrote:

[Freeipa-users] Re: CA server install on existing server fails - FreeIPA 4.5.0

John Seekins via FreeIPA-users wrote: > On a RHEL 7 box, I installed the ipa-server package and set up a server > without a CA successfully. Then I tried to manually add the CA functionality > afterwards and, while the install appeared to work, the server can't properly > access the dogtag

[Freeipa-users] re-add a trust to AD => Local Security Authority is unable to obtain an RPC...

... connection to the Active Directory Domain Controller Hi gents Would you know why this happens? I mean, it happens when I on AD DC remove a trust, then do trust-del on IPA, then go back to AD and try to add the "same" trust, then that happens. I have two masters and that AD mentions

[Freeipa-users] Re: cross realm trust - without win AD credentials ?

On 06/03/18 11:13, Alexander Bokovoy wrote: On ti, 06 maalis 2018, lejeczek via FreeIPA-users wrote: On 06/03/18 07:28, Florence Blanc-Renaud wrote: On 05/03/2018 19:01, lejeczek via FreeIPA-users wrote: hi guys I wonder if it is(would be) possible to have IPA join AD but so IPA admin

[Freeipa-users] Re: cross realm trust - without win AD credentials ?

On ti, 06 maalis 2018, lejeczek via FreeIPA-users wrote: On 06/03/18 07:28, Florence Blanc-Renaud wrote: On 05/03/2018 19:01, lejeczek via FreeIPA-users wrote: hi guys I wonder if it is(would be) possible to have IPA join AD but so IPA admin only asks AD admin(s) to do whatever is required

[Freeipa-users] Re: cross realm trust - without win AD credentials ?

On 06/03/18 07:28, Florence Blanc-Renaud wrote: On 05/03/2018 19:01, lejeczek via FreeIPA-users wrote: hi guys I wonder if it is(would be) possible to have IPA join AD but so IPA admin only asks AD admin(s) to do whatever is required and then s/he does IPA end? And a reason you would do that

[Freeipa-users] MAKE REPLCATION SERVER 1 WAY

Hi all: is it possible make the replication server 1 way ? I got radius/ldap config server in far remote site .. so no need mutual replication. remote site just make a slave one way is ok. Regards ___ FreeIPA-users mailing list --