On 2/1/22 09:24, Scott Serr via FreeIPA-users wrote:
Hello,
I have an IPA cluster of 5 servers, running version 4.9.6-10. The
system was put in production Feb 2021 and has been updated several
times. These updates have sometimes not gone well:
https://lists.fedorahosted.org/archives/list
Hello,
I have an IPA cluster of 5 servers, running version 4.9.6-10. The
system was put in production Feb 2021 and has been updated several
times. These updates have sometimes not gone well:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/F7NSVWPC5HTA
On 1/17/22 10:59 AM, Rob Crittenden wrote:
Scott Serr via FreeIPA-users wrote:
On 1/12/22 11:43 AM, Rob Crittenden wrote:
Scott Serr via FreeIPA-users wrote:
Attributes in the Employee Information section of the user web page
are blank following a series of OS/IPA updates.
The "ipa
On 1/12/22 11:43 AM, Rob Crittenden wrote:
Scott Serr via FreeIPA-users wrote:
Attributes in the Employee Information section of the user web page
are blank following a series of OS/IPA updates.
The "ipa user-find --all" cli command shows these attributes fine.
Specifically (
dnf.log shows dev-current had an update to 4.9.6-6 that the other clone
(dev-dec8-updated) did not.
It looks like 4.9.6-6, although replaced has created this lingering problem.
dev-dec8-updated
2021-11-04T12:48:27-0600 DEBUG Upgraded:
ipa-server-4.9.2-4.module+el8.4.0+664+1636a961.x86_64
202
Attributes in the Employee Information section of the user web page are blank
following a series of OS/IPA updates.
The "ipa user-find --all" cli command shows these attributes fine.
Specifically (in my case):
Department Number
Employee Number
Employee Type
I'm wondering if anyone else has
On 7/29/21 9:06 AM, Rob Crittenden wrote:
Scott Serr via FreeIPA-users wrote:
Apologies for the length/verbosity of the lasts message.
I've read there can be a situation on IPA startup where the KDC server
isn't fully up, but LDAP is up. At that point in time LDAP can get
swamp
m.
https://pagure.io/freeipa/issue/8544
Please, anyone, let me know if this is the wrong conclusion.
Thank you to the IPA folks answering questions on this list.
Scott
On 7/28/21 2:58 PM, Scott Serr via FreeIPA-users wrote:
I'm running 5 ipa servers with (the latest on CentOS 8) 4.9.2.
Sync
I'm running 5 ipa servers with (the latest on CentOS 8) 4.9.2.
Synchronization had stopped yesterday and also 3 days ago. It actually
stopped yesterday after I stopped / modified / started "ipa1" to
configure rotating logs longer so I could track down what happened 3
days ago.
2021-07-27 17:
A few months ago, using IPA 4.8.7, I imported users and groups from
OpenLDAP:
ipa -v migrate-ds --with-compat \
--bind-dn="cn=Manager,dc=example,dc=com" \
--user-container="ou=People,dc=example,dc=com" \
--user-objectclass="posixAccount" \
--group-container="ou=Group,dc=example,dc=com" \
--group
It's more of a general problem, I realize now that any DNS resolution that
requires forwarding fails only on the replica(s). So even "nslookup google.com"
fails, but on the first master (ipa1) it's fine and succeeds.
Both have "nameserver 127.0.0.1" in /etc/resolv.conf
I want to add how th
I want to add how the replica was created:
ipa-replica-install --setup-dns \ --forwarder=192.168.66.11 \
--forwarder=192.168.68.41 \ --setup-ca
We've been trying to figure this out for a day. Looking for some help please.
We have servers ipa1 and ipa2. The ipa1 was installed first and it c
We've been trying to figure this out for a day. Looking for some help please.
We have servers ipa1 and ipa2. The ipa1 was installed first and it can delegate
to a subdomain fine. The ipa2 server does not get an answer. Looking at packets
on ipa2, they end up going to my general forwarders to th
Two parts to this question:
Is there a way to disable a normal user's ability to modify their
attributes like their name?
And along those lines, is there a convenient way to reduce what a normal
user sees of other users (via web and cli)?
I'm using version 4.8.
Thank you!
On 9/9/20 9:17 AM, Rob Crittenden wrote:
Scott Serr via FreeIPA-users wrote:
My environment is: CentOS 8.2, FreeIPA 4.8.4, single instance, no clients
My minimal test case plugin looks like this:
user.takes_params += (
Str('useraffiliation?',
cli_name = '
My environment is: CentOS 8.2, FreeIPA 4.8.4, single instance, no clients
My minimal test case plugin looks like this:
user.takes_params += (
Str('useraffiliation?',
cli_name = 'useraffiliation',
label = _('User Affiliation'),
),
)
user.default_attributes.append('useraffiliation')
Say I
16 matches
Mail list logo