Hi,
I report this issue about FreeIPA server:
--
Request for enhancement
A strange error is occurring when I try to access my FreeIPA.
Issue
The problem occurs when I try to access t
Hello,
On ti, 22 helmi 2022, Mateo Duffour via FreeIPA-users wrote:
Hi,
We currently have an IdM installation with a trust relationship with a
Samba AD DC. Our user accounts reside on Samba AD DC, we dont have user
accounts on IdM. We are having a problem with Samba user acounts that
have its
Hi,
are all the IPA services up and running on the replica (the kinit error
suggests that either krb5.conf is badly configured or the kerberos server
isn't running on the replica)?
Please report the output of "ipactl status".
flo
On Wed, Feb 23, 2022 at 9:05 AM Alessandro Minonzio via FreeIPA-use
Am Tue, Feb 22, 2022 at 03:40:27PM -0300 schrieb Mateo Duffour via
FreeIPA-users:
> Hi,
>
> We currently have an IdM installation with a trust relationship with a Samba
> AD DC. Our user accounts reside on Samba AD DC, we dont have user accounts on
> IdM.
> We are having a problem with Samba
On 2022-02-22 17:47, Rob Crittenden via FreeIPA-users wrote:
Sigbjorn Lie via FreeIPA-users wrote:
Hi list,
After our upgrade from EL7 to EL8, the ipa-backup script is stating a
warning:
"Warning: Local roles CA, DNS, DNSKeySync do not match globally used
roles ADTRUST, CA, DNS, DNSKeySync. A
Hi Florence,
thanks for the support report the status of FreeIPA:
[root@adv ~]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
ntpd Service: RUNNING
pki-tomcatd Service: STOPPED
ipa-otpd Service: STOPP
https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/NXQDRK3EXWJWWROHPXWTQTI2LMV3TLFV/
"IPA actually expects that primary domain and realm are the same (naming
context above has to be the same as the primary domain) "
We created DNS Records for the Domain and
Hi guys.
for zone such as this: 1.3.10.in-addr.arpa
with dynamic updates from DHCP, IPA end up with PTR records like:
Record name: 30.1.3.10
PTR record: CROMO.private.road.
to fix it - which end one should fiddle with, IPA's or DHCP's?
many thanks, L.
_
Hello Team
How to delete expired certificats from IPA PKI and Dogtag definitively.
We haven't found any help to do that.
Can you help ?
Bien à vous
Mr Karim Bourenane
+33686464439
+32 493 86 63 54
___
FreeIPA-users mailing list -- freeipa-users@lists.f
We have v4.6.8 API: 2.237 platform
Bien à vous
Mr Karim Bourenane
+33686464439
+32 493 86 63 54
Le mer. 23 févr. 2022 à 16:05, Karim Bourenane
a écrit :
> Hello Team
>
> How to delete expired certificats from IPA PKI and Dogtag definitively.
> We haven't found any help to do that.
>
> Can you
Karim Bourenane via FreeIPA-users wrote:
> Hello Team
>
> How to delete expired certificats from IPA PKI and Dogtag definitively.
> We haven't found any help to do that.
>
> Can you help ?
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/UBHDH5SO4CBT3UL2LQ
lejeczek via FreeIPA-users wrote:
> Hi guys.
>
> for zone such as this: 1.3.10.in-addr.arpa
>
> with dynamic updates from DHCP, IPA end up with PTR records like:
>
> Record name: 30.1.3.10
> PTR record: CROMO.private.road.
>
> to fix it - which end one should fiddle with, IPA's or DHCP's?
Hello,
We have a third-party software which needs to change other user's
passwords without requiring the user to choose a new one. It is able to
do this for local users in /etc/passwd, but not for IPA users. To try
to solve this, we've to set up a special account and given it the
following
Patrick Larkin via FreeIPA-users wrote:
> Hello,
>
> We have a third-party software which needs to change other user's
> passwords without requiring the user to choose a new one. It is able to
> do this for local users in /etc/passwd, but not for IPA users. To try
> to solve this, we've to set
Hi,
so there are at least 2 issues to fix:
- kinit admin fails
- pki-tomcatd service and ipa-otpd service are stopped.
For the first issue, can you run:
# KRB5_TRACE=/dev/stderr kinit admin
This will print more details (if DNS resolution is used etc...)
For the 2nd issue, you need to have a look
15 matches
Mail list logo