[Freeipa-users] Re: Old Home Folders and Free ipa users

2024-01-11 Thread Rob Crittenden via FreeIPA-users
Alper AYKUT wrote: > Hi, If I need to explain through my A server > > There are about 30 locally running users in my A server.  These users > have their own homelands. Example. > > username.surname > /home/username.surname > username1.surname1 > /home/username1.surname1 > username2.surname2 > /hom

[Freeipa-users] Re: Old Home Folders and Free ipa users

2024-01-11 Thread Alper AYKUT via FreeIPA-users
Hi, If I need to explain through my A server There are about 30 locally running users in my A server. These users have their own homelands. Example. username.surname /home/username.surname username1.surname1 /home/username1.surname1 username2.surname2 /home/username2.surname2 Now I have recreate

[Freeipa-users] Re: api authorization stopped working after upgrade to 4.9.12-11 on RHEL8

2024-01-11 Thread Rasto Rickardt via FreeIPA-users
Hello Alexander, indeed, some users have SIDs (ipantsecurityidentifier) attribute missing. ipa config-mod --enable-sid --add-sids fixed it. Thank you. I found https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_idm_users_groups_hosts_and_access_control_rules

[Freeipa-users] Re: api authorization stopped working after upgrade to 4.9.12-11 on RHEL8

2024-01-11 Thread Alexander Bokovoy via FreeIPA-users
On Thu, 11 Jan 2024, Rasto Rickardt wrote: Hello Alexander, all packages should be current with default RHEL configuration: Thanks, the configs look OK. So check whether users miss SIDs and regenerate them with ipa config-mod --enable-sid --add-sids as admin. krb5-workstation-1.18.2-26

[Freeipa-users] Re: api authorization stopped working after upgrade to 4.9.12-11 on RHEL8

2024-01-11 Thread Rasto Rickardt via FreeIPA-users
Hello Alexander, all packages should be current with default RHEL configuration: krb5-workstation-1.18.2-26.el8_9.x86_64 krb5-pkinit-1.18.2-26.el8_9.x86_64 sssd-krb5-2.9.1-4.el8_9.x86_64 krb5-libs-1.18.2-26.el8_9.x86_64 krb5-server-1.18.2-26.el8_9.x86_64 sssd-krb5-common-2.9.1-4.el8_9.x86_64 ca

[Freeipa-users] Re: api authorization stopped working after upgrade to 4.9.12-11 on RHEL8

2024-01-11 Thread Alexander Bokovoy via FreeIPA-users
On Thu, 11 Jan 2024, Rasto Rickardt via FreeIPA-users wrote: Hello, I have setup of 5 IPA servers on RHEL8. This morning I upgraded with dnf upgrade IPA components to 4.9.12-11 for example: ipa-server-4.9.12-11.module+el8.9.0+20824+f2605038.x86_64 ipa-server-common-4.9.12-11.module+el8.9.0+20

[Freeipa-users] Re: Old Home Folders and Free ipa users

2024-01-11 Thread Rob Crittenden via FreeIPA-users
Alper AYKUT via FreeIPA-users wrote: > Hello I have 5 servers. The users of all servers are created locally. > All users have Home. Now I will connect the Servers to the Free ipa > server to enable them to log in with the Users I have created in Free > IPA. However, how will the users' home folders

[Freeipa-users] Re: Greenfield FreeIPA deployment - is it OK to put FreeIPA at the domain apex, or a "best practice" to put it in a subdomain?

2024-01-11 Thread Paul Wilcox via FreeIPA-users
Older thread, curious which direction you went with. I am kind of deciding the same as you. Build it with root domain and then have resource domains or do a subdomain to start. Have not really found a best practice guide. Wonder how Red Hat does their domain setup.

[Freeipa-users] Re: AD Trust with multiple replicas

2024-01-11 Thread Anil Rathod via FreeIPA-users
I have below Setup: AD domain: abc.com master IPA: node1.idm.abc.com Replica: node2.idm.com Both nodes are Enabled server roles: AD trust agent, AD trust controller, CA server, IPA master Now, on client side, while client connected with node1, I am able to resolve the AD Users. but when I connec

[Freeipa-users] Old Home Folders and Free ipa users

2024-01-11 Thread Alper AYKUT via FreeIPA-users
Hello I have 5 servers. The users of all servers are created locally. All users have Home. Now I will connect the Servers to the Free ipa server to enable them to log in with the Users I have created in Free IPA. However, how will the users' home folders that were created in the past match the User

[Freeipa-users] Re: Freeipa sudo

2024-01-11 Thread Alexander Bokovoy via FreeIPA-users
On Thu, 11 Jan 2024, Dmitry Krasov via FreeIPA-users wrote: sssd_dom.loc.log https://codeshare.io/qP8rYx sssd_pam.log https://codeshare.io/eVgexb Is this user ('desktop') a member of any administrative groups? (2024-01-11 15:01:26): [be[dom.loc]] [hbac_eval_user_element] (0x1000): [RID#101]

[Freeipa-users] Re: Freeipa sudo

2024-01-11 Thread Dmitry Krasov via FreeIPA-users
sssd_dom.loc.log https://codeshare.io/qP8rYx sssd_pam.log https://codeshare.io/eVgexb

[Freeipa-users] Re: FreeIPA Upgrade - overwrites custom authselect config

2024-01-11 Thread Alexander Bokovoy via FreeIPA-users
On Thu, 11 Jan 2024, Finn Fysj via FreeIPA-users wrote: I can see how you were confused but it's covered in "FreeIPA 3.3.0 or newer" where you run yum update [free]ipa-server. We recommend updating all packages and not just IPA. ipa-server-upgrade runs as part of the package install process. Si

[Freeipa-users] Re: FreeIPA Upgrade - overwrites custom authselect config

2024-01-11 Thread Alexander Bokovoy via FreeIPA-users
On Thu, 11 Jan 2024, Finn Fysj via FreeIPA-users wrote: Finn Fysj via FreeIPA-users wrote: If you have a custom profile then what would checking for 9.3 help? And note, we don't recommend or support custom profiles. IPA is very opinionated about the configuration it expects. I can see how you

[Freeipa-users] Re: FreeIPA Upgrade - overwrites custom authselect config

2024-01-11 Thread Finn Fysj via FreeIPA-users
> I can see how you were confused but it's covered in "FreeIPA 3.3.0 or > newer" where you run yum update [free]ipa-server. We recommend updating > all packages and not just IPA. ipa-server-upgrade runs as part of the > package install process. Since it's recommended to run "yum update [free]ipa-s

[Freeipa-users] Re: FreeIPA Upgrade - overwrites custom authselect config

2024-01-11 Thread Finn Fysj via FreeIPA-users
> Finn Fysj via FreeIPA-users wrote: > > If you have a custom profile then what would checking for 9.3 help? And > note, we don't recommend or support custom profiles. IPA is very > opinionated about the configuration it expects. > > > I can see how you were confused but it's covered in "FreeIPA

[Freeipa-users] Re: Freeipa sudo

2024-01-11 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 10 Jan 2024, Dmitry Krasov via FreeIPA-users wrote: HBAC allow_all enabled. I think everything default, only sudo rule from video. I did debug level 3... Please use debug level 9 and provide full logs somewhere. You can send the link to logs/logs themselves off list, I'll continue in t