On Thu, Dec 19, 2019 at 05:17:05PM +0200, Alexander Bokovoy via FreeIPA-users
wrote:
> Hi,
>
> thanks to the recent changes done by Dinesh(master[1] and ipa-4-8[2]),
> it is now possible to have continuous rebuild of FreeIPA master and
> ipa-4-8 branches using COPR repositories.
>
> We now have
On to, 19 joulu 2019, Rami Elias (TECH V) via FreeIPA-users wrote:
Hello,
thank you for your fast investigation;
we are on centos 8 and we have the following packages:
- name: install freeipa packages
dnf:
name:
- ipa-server
- ipa-server-dns
- ipa-server-trust-ad
- ipa-
Thank you Florence. I'm going to see that.
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/proj
Hello,
thank you for your fast investigation;
we are on centos 8 and we have the following packages:
- name: install freeipa packages
dnf:
name:
- ipa-server
- ipa-server-dns
- ipa-server-trust-ad
- ipa-idoverride-memberof-plugin
state: installed
yes, im sorry f
> Yep, so you cannot do anything until your AD DCs will be able to query
> DNS for IPA domain.
Let me try to clarify what I'm after.
Our production environment (which I described below) is working fine.
There are no problems, and I don't need or want to query against IdM's DNS.
I now want to set
On to, 19 joulu 2019, White, David via FreeIPA-users wrote:
Are AD DCs using that DNS server to look up IPA zone records already?
Again, this is about AD DCs, not IPA itself.
AD (and the Corporate environment) talk to 1 set of DNS servers (let's call
this AD-DNS).
Our RedHat servers tal
Hi Rami,
On to, 19 joulu 2019, Rami Elias (TECH V) via FreeIPA-users wrote:
Freeipa Problem
we have a freeipa --> ad setup (one way trust)
our problem is we cant get external ad user // groups to work
(your mail client did terrible formatting)
The issue you have is that external groups in IPA
> Are AD DCs using that DNS server to look up IPA zone records already?
>Again, this is about AD DCs, not IPA itself.
AD (and the Corporate environment) talk to 1 set of DNS servers (let's call
this AD-DNS).
Our RedHat servers talk to a different set of DNS servers (let's call this
RH-DN
Freeipa Problem
we have a freeipa --> ad setup (one way trust)
our problem is we cant get external ad user // groups to work
what we did:
we added the trust:
Trust Settings
Realm name
domain.at
Domain NetBIOS name
DOMAIN
Domain Security Identifier
S-1-5-21-2435101603-3558199190-xxx
Trust direct
On to, 19 joulu 2019, White, David via FreeIPA-users wrote:
Thank you for both of your responses.
No. The reason for that is that AD domain controllers have to resolve IPA DC
addresses as well and they use DNS for that too.
I feel fairly certain that our AD environment is not
Hi,
thanks to the recent changes done by Dinesh(master[1] and ipa-4-8[2]),
it is now possible to have continuous rebuild of FreeIPA master and
ipa-4-8 branches using COPR repositories.
We now have @freeipa/freeipa-master-nightly[3] to continuously track git
master branch. Every time there is a c
Thank you for both of your responses.
> No. The reason for that is that AD domain controllers have to resolve IPA DC
> addresses as well and they use DNS for that too.
I feel fairly certain that our AD environment is not currently able to resolve
our production IPA servers.
AD is
On 12/18/19 7:22 PM, iam pollux via FreeIPA-users wrote:
Hello,
We have a root CA and a subordinate CA with Freeipa.
The root CA issues a certificate for the subordinate CA and the subordinate CA
provides certificates to the client workstations.
Since multi stapling is not available, is it poss
13 matches
Mail list logo