Hey Fraser,
That it is in CRL format.
BR
Maciej
On Fri, May 18, 2018 at 6:18 AM, Fraser Tweedale
wrote:
> Hi Maciej,
>
> I concur with the answers in Rob's reply. But I have one question.
>
> On Thu, May 17, 2018 at 04:03:36PM +0200, Maciej Drobniuch via
> FreeIPA-user
What are you trying to achive?
Do you want to have a one-liner for the installation?
M.
On Wed, May 16, 2018 at 12:04 PM, Ronald Wimmer via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hi,
>
> is there a way to configure parameters in sssd.conf when calling
> ipa-client-instal
Hey Guys,
I want to use the IPA CA for PKI on some of our web services( mostly of
premises - that's why )
What I do not know is:
1. How to add a profile id for certificate generation for the user so
he/she can paste a CSR and get a certificate.
2. How to turn on/off automatic signing. ( I would
Hey Winfired,
I've been struggling with this too.
Currently I'm doing a hack (NO PASSWORD) in sudoers to at least workaround
the otp at sudo.
It's as always usability+angry users vs security.
BR
Maciej
On Fri, Feb 23, 2018 at 3:07 PM, Winfried de Heiden via FreeIPA-users <
freeipa-users@lists.
Okay, Thank you Alex,
I will give it a shot.
Best
Maciej
On Thu, Feb 22, 2018 at 5:07 PM, Alexander Bokovoy
wrote:
> On to, 22 helmi 2018, Maciej Drobniuch via FreeIPA-users wrote:
>
>> So, It looks like tokens are working on LDAP too.
>>
>> Is there any way to disab
So, It looks like tokens are working on LDAP too.
Is there any way to disable 2FA on LDAP?
Thanks
On Thu, Feb 22, 2018 at 3:52 PM, Maciej Drobniuch
wrote:
> Hey All,
>
> I want to authenticate with an external app to ldap ipa.
>
> So I've created a user for the bind:
> dn: uid=sysaccount,cn=sy
Hey All,
I want to authenticate with an external app to ldap ipa.
So I've created a user for the bind:
dn: uid=sysaccount,cn=sysaccounts,cn=etc,dc=example,dc=com
changetype: add
objectclass: account
objectclass: simplesecurityobject
uid: system
userPassword: somepass123
passwordExpirationTime: 20
Yes,
This is what I needed.
Thank You guys :)
Best
Maciej
On Tue, Jan 16, 2018 at 11:08 AM, Sumit Bose via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> On Tue, Jan 16, 2018 at 10:53:21AM +0100, Maciej Drobniuch via
> FreeIPA-users wrote:
> > Hi all.
> &
Hi all.
Is there any way to get the user's ssh key (not fingerprint) via console?
Maybe LDAP?
Or only via a https request ?
Thanks
--
Best regards
Maciej Drobniuch
Network Security Engineer
Collective-Sense,LLC
___
FreeIPA-users mailing list -- fre
MacOSx is strict in regards to self-signed and expired certificates. Please
check there.
On Wed, Nov 15, 2017 at 5:48 PM, Andrew Meyer via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Weird. We are having problems with it and our Aruba wireless using
> FreeRADIUS.
>
>
> On Wedn
Hey Andrew,
The guide you are following is 100% allright. Works for me (All my
freeradius servers are bound to ipa)
In regards to syntax - Please try with GUI. This is how I did that.
In regard to macosx and wifi issues. Please check if the freeradius
certificate did not expire(look for issues t
Hi All,
One of my IPA UI is working very slow.
I can observe the issue after moving the VM server onto another host.
The machine itself is not overloaded and the number of CPU cores and RAM
memory went up.
Other IPA UI on other servers are working smoothly.
Any ideas how to troubleshoot that?
Hey Ipa list!
Is there a way to disable 2FA for a particular host?
I'm using PAM auth there for a webservice that does not have kerberos and
it's annoying users to enter the 2FA every-time(so I want to make an
exception)
Thanks
--
Best regards
Maciej Drobniuch
Network Security Engineer
Collec
Hey Jake,
I recall having the same issue but don't remember the solution.
Check the logs maybe you'll find something.
Worst case you can always rejoin the ipa replicator and it will sync.
M.
On Tue, Sep 19, 2017 at 2:14 PM, Jake via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
Hey Eric,
To me looks like either the /etc/hosts file is wrongly configured/dns
server is not set to ipa or ipa ports are not open.
M.
On Wed, Sep 20, 2017 at 5:30 PM, Eric Scholwin via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Foolishly, I blew up my entire 4.4 on Centos 7
or the link!
>
>
> M.
>
> On Thu, Sep 7, 2017 at 1:31 PM, Jakub Hrozek via FreeIPA-users <
> freeipa-users@lists.fedorahosted.org> wrote:
>
>> On Thu, Sep 07, 2017 at 11:02:50AM +0200, Maciej Drobniuch via
>> FreeIPA-users wrote:
>> > Hey Freeipa users
This helps.
Thank you for the link!
M.
On Thu, Sep 7, 2017 at 1:31 PM, Jakub Hrozek via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> On Thu, Sep 07, 2017 at 11:02:50AM +0200, Maciej Drobniuch via
> FreeIPA-users wrote:
> > Hey Freeipa users!
> >
Hey Freeipa users!
Proxmox supports pam logins from webui and it is debian based.
I've used the following guide to install freeipa unofficial packages.
http://clusterfrak.com/sysops/app_installs/freeipa_clients/
The ipa client installation went smoothly but... I can not see the users
and login.
+1
W dniu wt., 23.05.2017 o 19:47 Jake via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> napisaĆ(a):
> Hey All,
> I think this is fixed in 4.4.2 but since we use centos upstream we are
> limited to 4.4.0, is there a way to manually re-issue the SSL Certificates
> used for apache on the IPA
19 matches
Mail list logo
