Sent with Proton Mail secure email.
On Friday, February 2nd, 2024 at 10:36, slek kus via FreeIPA-users
wrote:
> Hi Jochen, nsswitch.conf checks local files and sss. Below is the contents of
> etc/pam.d/sudo:
>
>
> #%PAM-1.0
>
> # Set up user limits from /etc/security/limits.conf.
Hi Rob,
Cheers, I looked in those logs as well, but nothing in particular is standing
out as an error.
After a week trying to find a solution, I think we'll build new servers and
migrate the data from working servers as a way to move forward. It seems a
safer option upgrading from el9 to
Thanks for the suggestion!
I spun a new CentOS 7 image with 7.9.2009 / FreeIPA 4.6.8 (which involved
setting up the incus server to cgroups v1). Then I tried creating a
replica from the 4.5. It again broke on pki-tomcatd, but with a somewhat
baffling error that I didn't know what to do about:
mskaraca--- via FreeIPA-users wrote:
> Hi
> I have the exact same case.
> can you share how can I loose the policy or get a certificate with a
> stronger signature algorithm
# update-crypto-policies --set DEFAULT:SHA1
It is recommended to reboot afterward.
Or you have to request stronger
Running on RHEL-9, up to version ipa --version
VERSION: 4.10.2, API_VERSION: 2.252
--
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of
FreeIPA would periodically freeze and would require a service restart - sudo
ipactl restart.
This has happened on freeipa-01 and freeipa-02. When it freezes, CLI commands
would timeout and we would not be able to join systems to the FreeIPA domain.
NOTE: I have only caught FreeIPA frozen
Marcelo Carvalho via FreeIPA-users wrote:
> FreeIPA would periodically freeze and would require a service restart - sudo
> ipactl restart.
>
> This has happened on freeipa-01 and freeipa-02. When it freezes, CLI commands
> would timeout and we would not be able to join systems to the FreeIPA
Thanks for the suggestions so far!
I'm documenting this on this thread because I found out why the previous
system had the custom sambaSamAccount attributes: They seem to be necessary
to authenticate SMB shares when FreeIPA is the LDAP backend to a Synology
NAS. If I try to set LDAP
I'm trying to setup a third replica server using the ansible_freeipa.ipareplica
role.
The role fails on the following step:
"[freeipa.ansible_freeipa.ipaclient : Install - Join IPA]":
"servers": [
"192.168.1.100", (replica1.example.com
"192.168.1.101" (replica2.example.com
]
"msg":
Many thanks, I'll look into it.
_M
On Mon, Feb 5, 2024 at 8:00 AM Rob Crittenden wrote:
> Marcelo Carvalho via FreeIPA-users wrote:
> > FreeIPA would periodically freeze and would require a service restart -
> sudo ipactl restart.
> >
> > This has happened on freeipa-01 and freeipa-02. When
Melissa,I’ve been following your thread here as I also have a 4.5.x system that _really_ needs to be updated, but I’m nervous to touch it since it “works”.How you testing this without breaking the instance? Im nervous I have issues like you are experiencing and it breaks everything. I would like
Oh I'm not touching the original instance, it's still up and I'll leave it
there for the foreseeable future. Attempts to upgrade CentOS in-place all
ran into tricky problems. (The way I tested this was: I prepared snapshots
*and* backups of the VM, then tried to upgrade, and when it broke I
12 matches
Mail list logo