[Freeipa-users] Re: RBAC in FreeIPA: Conflicts while adding permissions to a role.

Aditya kamat via FreeIPA-users wrote: > I am configuring RBAC in my current FreeIPA setup. There is a requirement > wherein each host can only belong to a particular host group. If a host is > already a part of some host group, a particular role which I create should > not be able to add it to

[Freeipa-users] Re: Multiple CA certs

Awesome, thanks! On Mon, Oct 15, 2018 at 5:27 PM Rob Crittenden wrote: > Andrey Bondarenko wrote: > > Thank you! > > > >> You'll need to delete the blobs out of LDAP using ldapmodify or > > ldapdelete. > > > > But those certs are located not only in LDAP, am I correct? Wouldn't I > > brake the

[Freeipa-users] Re: Multiple CA certs

Andrey Bondarenko wrote: > Thank you!  > >> You'll need to delete the blobs out of LDAP using ldapmodify or > ldapdelete. > > But those certs are located not only in LDAP, am I correct? Wouldn't I > brake the consistency of the IPA if I will ldapdelete them? Re-run ipa-certupdate to refresh

[Freeipa-users] Re: Multiple CA certs

Andrey Bondarenko via FreeIPA-users wrote: > Hello, > > after some tests with Letsencrypt on my test env DEVDOMAN.COM > I have something like this: >  ipa-replica-install  --mkhomedir   --setup-ca  --setup-dns > --auto-forwarders -p password > > Successfully retrieved CA

[Freeipa-users] Re: need help to install letsencrypt in freeipa on ubuntu 16.04

Anush Jayan wrote: > i did that but still its not serving page in https what should i do Removing the existing tracking by itself won't do anything. Re-run ipa-server-certinstall. rob > > On Fri, Oct 12, 2018, 8:12 PM Rob Crittenden > wrote: > > Anush Jayan

[Freeipa-users] freeipa-server failied to instal - Debian

I am trying to install after an uninstall the freeipa-server package on Debian, which is now failing. I normally removed all packages and config files, something seems to still cause issues. The installation output is as follows, after running apt install freeipa-server (I^m first extracting

[Freeipa-users] Re: named fails to start

Never mind. NTP wasn't working properly so the time had drifted too far. Easy fix. photo *Bret Wortman* Founder, Damascus Products, LLC 855-644-2783 | b...@wrapbuddies.co http://wrapbuddies.co/ 10332 Main St Suite 319 Fairfax, VA 22030

[Freeipa-users] Fwd: named fails to start

I was out two days last week and one of my coworkers thought we were having a password problem on our admin account. This morning, my users were claiming an inability to log in, so I cycled our main IPA server, but named won't start. 2018-10-15T10:43:14.blah named-pkcs11[26250]: LDAP error:

[Freeipa-users] Re: Multiple CA certs

Hello, after some tests with Letsencrypt on my test env DEVDOMAN.COM I have something like this: ipa-replica-install --mkhomedir --setup-ca --setup-dns --auto-forwarders -p password Successfully retrieved CA cert Subject: CN=Certificate Authority,O=DEVDOMAIN.COM Issuer:

[Freeipa-users] IPA Replicate Re-Initialize fails, only one sane IPA server left

Hi We experienced issues with one of our IPA server(svgipa02) as it did not receive updates. It was the decided to run on svgipa02 ipa-replicate-manage re-initialize --from=svgipa01 [root@svgipa02 slapd-NO-EP-CORP-LOCAL]# date; ipa-replica-manage re-initialize

[Freeipa-users] Re: need help to install letsencrypt in freeipa on ubuntu 16.04

from where can i get Server-Cert file for freeipa or how can i create it Regards, *Anush Jayan * *Devops Engineer* *TRACKPOINT GPS PVT. LTD.* On Mon, Oct 15, 2018 at 9:20 AM Anush Jayan wrote: > > On Sat, Oct 13, 2018, 8:45 PM Anush Jayan wrote: > >> i did that but still its not serving

[Freeipa-users] Re: Session Recording - https://www.freeipa.org/page/Session_Recording

Thank you Rob! I checked this part on Friday but was still not able to make a full working environment. Will try to spend some time to play with today. If someone has a good tuto on how to set this up, glad to share it here. Thank you. - Kindest regards, Milos Cuculovic IT Manager --- MDPI