[Freeipa-users] Re: ipa-replica-install ERROR

2019-08-01 Thread Boudjoudad Abdelkader via FreeIPA-users
-addr.arpa. 86400 IN PTR > ipa.server.example.com.x.16.172.in-addr.arpa. > ;; ADDITIONAL SECTION: > ipa.server.example.com. 1200 IN A 172.16.x.y > > ;; Query time: 0 msec > ;; SERVER: 172.16.x.y#53(172.16.x.y) > ;; WHEN: Thu Aug 01 10:12:57 EDT 2019 > ;; MSG SIZ

[Freeipa-users] Re: ipa-replica-install ERROR

2019-08-01 Thread Boudjoudad Abdelkader via FreeIPA-users
Rob Crittenden wrote: > Boudjoudad Abdelkader via FreeIPA-users wrote: > > Hi, > > I'm trying to install an IPA server replica from but i have the issue > > below, i did: > > - Remove the IP of ipa server master from /etc/hosts > > - Check if there is a proble

[Freeipa-users] ipa-replica-install ERROR

2019-07-31 Thread Boudjoudad Abdelkader via FreeIPA-users
Hi, I'm trying to install an IPA server replica from but i have the issue below, i did: - Remove the IP of ipa server master from /etc/hosts - Check if there is a problem with ipa-client-install (working fine) - dig IP-ipa-server (resolved) Non of these steps works! I did some researches and it l

[Freeipa-users] Re: deploying Freeipa ith script

2019-05-31 Thread Boudjoudad Abdelkader via FreeIPA-users
at 22:39, Boudjoudad Abdelkader >>>> wrote: >>>> >>>> Hi John, >>>> Thank you for the quick reply, >>>> >>>> To disable autodiscrovery the option is ? >>>> --autodiscovery=no >>>> >>>> On Wed,

[Freeipa-users] Re: deploying Freeipa ith script

2019-05-30 Thread Boudjoudad Abdelkader via FreeIPA-users
>>>> enrolment should work with just -U for unattended and the principal and >>>> password. >>>> Unless you have a special environment that requires auto discovery to >>>> be disabled, I’d recommend using it. >>>> >>>> I’m enro

[Freeipa-users] Re: deploying Freeipa ith script

2019-05-29 Thread Boudjoudad Abdelkader via FreeIPA-users
disabled, I’d recommend using it. >>> >>> I’m enrolling clients in three ways that all work this way, one using a >>> Cloud-Init module, one using a SaltStack formula and one using a Lambda >>> function that uses SSH to connect to a machine and run the enrolm

[Freeipa-users] Re: deploying Freeipa ith script

2019-05-29 Thread Boudjoudad Abdelkader via FreeIPA-users
;> function that uses SSH to connect to a machine and run the enrolment >> remotely. >> >> The text from your mount command seems to suggest a timeout issue, >> perhaps the network isn’t up or DNS is broken? I’m also seeing you using an >> IP, it’s usually a sign of a

[Freeipa-users] Re: deploying Freeipa ith script

2019-05-29 Thread Boudjoudad Abdelkader via FreeIPA-users
proper network setup (but > technically it should be fine) > > John > > On 29 May 2019, at 22:10, Boudjoudad Abdelkader via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wrote: > > Hello, > I'm trying to automate freeipa-client installation on Ubuntu wi

[Freeipa-users] deploying Freeipa ith script

2019-05-29 Thread Boudjoudad Abdelkader via FreeIPA-users
Hello, I'm trying to automate freeipa-client installation on Ubuntu with custom script using MAAS as follow : HOSTNAME=$(hostname) IP=$(hostname -i | awk '{print $1}') echo "$HOSTNAME.example.com" > /etc/hostname FQDN="$HOSTNAME.example.com" echo "FQDN is: $FQDN" sed -i "1 i\ $IP $FQDN $HOSTNAME"

[Freeipa-users] Re: LDAP module configuration

2019-03-15 Thread Boudjoudad Abdelkader via FreeIPA-users
the user, do you have any idea about that ? > > Like I said, I know literally zero about radius. I don't know how it > constructs its queries. > > rob > > > > > > > On Fri, Mar 15, 2019 at 2:44 PM Rob Crittenden > <mailto:rcrit...@redhat.co

[Freeipa-users] Re: LDAP module configuration

2019-03-15 Thread Boudjoudad Abdelkader via FreeIPA-users
Hi Rob, Thank you for the quick response, i;m looking to write an ldap query to get the group name of the user, do you have any idea about that ? On Fri, Mar 15, 2019 at 2:44 PM Rob Crittenden wrote: > Boudjoudad Abdelkader via FreeIPA-users wrote: > > Hello Alexander and all, &g

[Freeipa-users] LDAP module configuration

2019-03-15 Thread Boudjoudad Abdelkader via FreeIPA-users
Hello Alexander and all, Can you someone please let me know what's the group object in LDAP 389 DS ? I have this path to search the groups but it's not returning results: In /etc/raddb/mods-enabled/ldap: ldap { server = 'freeipa.dc=server,dc=example,dc=com # port = 389 # iden

[Freeipa-users] Re: No group membership attribute(s) found in user object

2019-03-15 Thread Boudjoudad Abdelkader via FreeIPA-users
Thank you very much Alexander. On Thu, Mar 14, 2019 at 1:04 PM Alexander Bokovoy wrote: > Hi Boudjoudad, > > On ke, 13 maalis 2019, Boudjoudad Abdelkader via FreeIPA-users wrote: > >Starting radiusd -X to check the config i got many errors so i did : > >- Changing the ke

[Freeipa-users] Re: No group membership attribute(s) found in user object

2019-03-13 Thread Boudjoudad Abdelkader via FreeIPA-users
st showing FreeIPA-specific changes. You can always change > the paths in the configuration. > > > > > > > > >On Wed, Mar 13, 2019 at 11:38 AM Alexander Bokovoy > >wrote: > > > >> On ke, 13 maalis 2019, Boudjoudad Abdelkader via FreeIPA-user

[Freeipa-users] Re: No group membership attribute(s) found in user object

2019-03-13 Thread Boudjoudad Abdelkader via FreeIPA-users
certs directory created Or - Changing the path in /etc/raddb/mods-enabled/eap for each files ? On Wed, Mar 13, 2019 at 11:38 AM Alexander Bokovoy wrote: > On ke, 13 maalis 2019, Boudjoudad Abdelkader via FreeIPA-users wrote: > >Hi Alexander and thank you for the documents, >

[Freeipa-users] Re: No group membership attribute(s) found in user object

2019-03-13 Thread Boudjoudad Abdelkader via FreeIPA-users
ship_attribute = memberOf > >cacheable_name = 'yes' > >cacheable_dn = 'yes' > ># cache_attribute = 'LDAP-Cached-Membership' > >} > > > >To test user i did: > ># radtest ttest2 pa

[Freeipa-users] Re: No group membership attribute(s) found in user object

2019-03-12 Thread Boudjoudad Abdelkader via FreeIPA-users
ipped-User-Name}:-%{User-Name}}))" membership_attribute = memberOf cacheable_name = 'yes' cacheable_dn = 'yes' # cache_attribute = 'LDAP-Cached-Membership' } To test user i did: # radtest ttest2 password ldapserver.ex

[Freeipa-users] No group membership attribute(s) found in user object

2019-03-12 Thread Boudjoudad Abdelkader via FreeIPA-users
Hi, I'm trying to check if user is in a given group name in LDAP but it doesn't work, here is the configuration: - vi /etc/raddb/mods-enabled/ldap ldap { ... base_dn = 'cn=users,cn=accounts,dc=server,dc=example,dc=com' ... } group { base_dn = "${..base_dn}" filter = '(objectClass=posixGroup)' scope

[Freeipa-users] Adding the attribute jpegPhoto to the default attributes list

2019-03-04 Thread Boudjoudad Abdelkader via FreeIPA-users
photHello, I added the attribute jpegPhoto of the objectclass inetOrgPerson to a user and set it with a path to a picture, is there a way to add this attribute the the default attributes list ? Thanks, ___ FreeIPA-users mailing list -- freeipa-users@lis

[Freeipa-users] Re: Add a picture to freeipa user

2019-02-18 Thread Boudjoudad Abdelkader via FreeIPA-users
Hello Alexander, Sorry for the late reply cause i'm working on many projects, We would like to add the picture to the user profile, i opened a new discussion in FreeIPA-develand here the link: New issue

[Freeipa-users] Re: Add a picture to freeipa user

2019-02-11 Thread Boudjoudad Abdelkader via FreeIPA-users
Hello Alexander and thank you for the quick reply, Our goal to add a picture to freeipa authentication is to increase the security and to be able to access to the user's picture when needed, i don't know if we can do that with a binary file ? Thanks, __