following command has to be run on the IPA server that
> will be the DNSSEC key master:
> # ipa-dns-install --dnssec-master [other options]
>
> You can find more information here: https://www.freeipa.org/page/Howto/DNSSEC
>
> HTH,
> flo
>
> On Sun, Oct 2, 2022 at 8
Greetings all,
I'm running the following FreeIPA:
Installed Packages
freeipa-client.x86_64 4.9.10-4.fc36 @updates
freeipa-client-common.noarch 4.9.10-4.fc36 @updates
freeipa-common.noarch 4.9.10-4.fc36 @updates
freeipa-healthcheck.noarch 0.11-2.fc36 @updates
free
Greetings all,
I'm running the following FreeIPA:
Installed Packages
freeipa-client.x86_64 4.9.10-4.fc36 @updates
freeipa-client-common.noarch 4.9.10-4.fc36 @updates
freeipa-common.noarch 4.9.10-4.fc36 @updates
freeipa-healthcheck.noarch 0.11-2.fc36
> > On Friday, July 8th, 2022 at 1:02 PM, Rob Crittenden rcrit...@redhat.com
> > wrote:
> >
> > > Not sure what you mean by "wire traffic". It's a vault so perhaps you
> > > stored some keys there. IPA already encrypts all its own internal traffic.
> >
> > When I first installed FreeIPA it di
On Tuesday, July 12th, 2022 at 12:24 PM, Ivars Strazdins
wrote:
> Hi Eric,
> IPA command 'ipa dns-update-system-records --dry-run’ command will generate
> all DNS records it expects which you can then compare to existing ones.
> Better yet, it can generate an update file with “—out” switch whi
On Friday, July 8th, 2022 at 1:02 PM, Rob Crittenden
wrote:
>
> Not sure what you mean by "wire traffic". It's a vault so perhaps you
> stored some keys there. IPA already encrypts all its own internal traffic.
When I first installed FreeIPA it did not yet default to encrypted traffic for
all a
Hello,
I installed FreeIPA version 4.8.7-1.fc32.x86_64 on 24 July 2020. I've
since kept current with the Fedora release channels, up to
4.9.10-1.fc36. I don't have any Windoze AD domains configured, just
FreeIPA. I followed the steps to enable KRA back when it seemed to be
required to force
Everyone,
My apologies for somehow managing to submit an encrypted/encoded message
yesterday. I don't actually submit to lists very often and didn't
realize I was encoding to the degree it did. Here's the same message again.
Hi Francis,
I think with a minor change of logic this issue is rathe
Hi Francis,
I think with a minor change of logic this issue is rather simple with a
bit of scripting and some user training. Rather than getting a new
ticket after the old one expires, look for a ticket that expires within
X minutes where your other renewal criteria are still met. While that