On 10/18/23 15:55, Rob Crittenden wrote:
Harry G Coin via FreeIPA-users wrote:
On 10/18/23 10:33, Christian Heimes wrote:
On 18/10/2023 16.57, Harry G Coin wrote:
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-use
Harry G Coin via FreeIPA-users wrote:
>
> On 10/18/23 10:33, Christian Heimes wrote:
>> On 18/10/2023 16.57, Harry G Coin wrote:
>>>
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
>
>
Bonsoir
Le 18/10/2023 à 19:43, Rob Crittenden via FreeIPA-users a écrit :
Right, so ipa-ca-install did effectively replace the old CA, but you're
not done yet. As Flo points out, the HTTP and 389-ds (and who knows
about PKINIT) certs were issued by a 3rd party.
At this point in the thread I can
Florence Blanc-Renaud wrote:
> Hi,
>
> On Wed, Oct 18, 2023 at 4:11 PM Frederic Ayrault
> mailto:f...@lix.polytechnique.fr>> wrote:
>
> Bonjour,
>
> Le 18/10/2023 à 15:33, Florence Blanc-Renaud a écrit :
>> Hi,
>>
>>
>> CNRS2 and CNRS2-Standard are part of the CA chain that issue
On 10/18/23 10:33, Christian Heimes wrote:
On 18/10/2023 16.57, Harry G Coin wrote:
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to
On 10/18/23 07:30, Florence Blanc-Renaud via FreeIPA-users wrote:
Hi,
this guide explains the possible strategies for disaster recovery:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/preparing_for_disaster_recovery_with_identity_management/index
And that one h
On 18/10/2023 16.57, Harry G Coin wrote:
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to
packages n levels deep but whose previously u
Hi,
On Wed, Oct 18, 2023 at 4:11 PM Frederic Ayrault
wrote:
> Bonjour,
>
> Le 18/10/2023 à 15:33, Florence Blanc-Renaud a écrit :
>
> Hi,
>
>
> CNRS2 and CNRS2-Standard are part of the CA chain that issued your HTTP
> and LDAP server certificates, they should not be removed.
> When you install a
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to
packages n levels deep but whose previously un-noticed freeipa
killing race-conditi
On 10/17/23 12:50, Christian Heimes via FreeIPA-users wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to packages
n levels deep but whose previously un-noticed freeipa killing
race-condition or other bug manifests aft
Bonjour,
Le 18/10/2023 à 15:33, Florence Blanc-Renaud a écrit :
Hi,
CNRS2 and CNRS2-Standard are part of the CA chain that issued your
HTTP and LDAP server certificates, they should not be removed.
When you install a new embedded IPA CA, it doesn't replace the
existing HTTP and LDAP server c
Hi,
On Tue, Oct 17, 2023 at 5:47 PM Frederic Ayrault
wrote:
>
> Le 17/10/2023 à 17:23, Rob Crittenden a écrit :
> > So if I've followed this thread correctly, what you're doing is:
> > - Taking replica ipa3? and forcibly disconnecting it from an existing
> > IPA installation
>
> This is just bec
> Works without problems. Does not migrate UPGs nor ignore kerberos data:
> ipa migrate-ds --with-compat --user-container='cn=users,cn=accounts'
> --group-container='cn=groups,cn=accounts' ldap://ipa.example.com
>
> Migrates UPGs and other groups, but no users because of "mepOriginEntry":
> ipa mi
Hi,
this guide explains the possible strategies for disaster recovery:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/preparing_for_disaster_recovery_with_identity_management/index
And that one how to recover:
https://access.redhat.com/documentation/en-us/red_hat_en
> On Срд, 11 кас 2023, Finn Fysj via FreeIPA-users wrote:
>
> IPA memberof access permission was always limited to authenticated LDAP
> binds.
>
>
> So this is what somebody (old admin?) addded explicitly.
Correct.
Thanks for your help, Alexander.
__
Hi,
On Tue, Oct 17, 2023 at 8:20 PM HUANG, TONY via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hi Rob,
>
> The CSR is generated within the web UI by following this section "Web UI:
> Requesting new certificates" (
> https://access.redhat.com/documentation/en-us/red_hat_enterpr
Hi!
While doing a yearly disaster recovery I encountered a strange issue, of the
749 users in production environment 748 got successfully imported, but one user
is missing.
"kinit missing.username" just warns that the user was not found in Kerberos
database while getting initial credentials.
17 matches
Mail list logo