[Freeipa-users] Limiting group/user visibility

2011-11-30 Thread Lassi Pölönen
Hi, I'm looking into implementing FreeIPA in an environment where there are multiple customers in multiple organizations and a single organization that manages the users, sets the access rights etc. We don't have a centralized system currently so I will be starting from scratch in that sense.

Re: [Freeipa-users] ipa-client stall on 'args=getent passwd admin'

2011-11-30 Thread Jakub Hrozek
On Tue, Nov 29, 2011 at 09:43:55PM -0500, Rob Crittenden wrote: > Craig T wrote: > >Hi, > > > >I tried letting the client install go and it does eventually finish, however > >SSSD_NSS queries don't work. > >See errors below; > > > >--

Re: [Freeipa-users] Limiting group/user visibility

2011-11-30 Thread Steven Jones
Hi, I would have thought this was a case/design of separate realms. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] o

[Freeipa-users] manual client join

2011-11-30 Thread Stephen Ingram
Looking at section 3.1 of the documentation I see the process for what happens during a client setup. In cases where there is no ipa-client support, this is likely the best option. Is there any more specific documentation that details the exact procedure (i.e. how to import the CA certificate, obta

Re: [Freeipa-users] Limiting group/user visibility

2011-11-30 Thread Stephen Ingram
Lassi On Wed, Nov 30, 2011 at 3:18 AM, Lassi Pölönen wrote: > I'm looking into implementing FreeIPA in an environment where there are > multiple customers in multiple organizations and a single organization > that manages the users, sets the access rights etc. > > We don't have a centralized syste

Re: [Freeipa-users] Limiting group/user visibility

2011-11-30 Thread Lassi Pölönen
Hi, that could be one option as well, not completely ruled out. But in some cases it is a bit too much overhead though. If there are multiple small organizations with only a handful of accounts and servers, setting up a dedicated HA instance for each one doesn't feel very cost effective as it

Re: [Freeipa-users] manual client join

2011-11-30 Thread Rob Crittenden
Stephen Ingram wrote: Looking at section 3.1 of the documentation I see the process for what happens during a client setup. In cases where there is no ipa-client support, this is likely the best option. Is there any more specific documentation that details the exact procedure (i.e. how to import

Re: [Freeipa-users] manual client join

2011-11-30 Thread Stephen Ingram
Rob- On Wed, Nov 30, 2011 at 12:04 PM, Rob Crittenden wrote: > Retrieve the CA certificate for the FreeIPA CA. > > # wget -O /etc/ipa/ca.crt http://ipa.example.com/ipa/config/ca.crt > > Create a separate Kerberos configuration to test the provided credentials. > This enables a Kerberos connection

Re: [Freeipa-users] manual client join

2011-11-30 Thread Rob Crittenden
Stephen Ingram wrote: Rob- On Wed, Nov 30, 2011 at 12:04 PM, Rob Crittenden wrote: Retrieve the CA certificate for the FreeIPA CA. # wget -O /etc/ipa/ca.crt http://ipa.example.com/ipa/config/ca.crt Create a separate Kerberos configuration to test the provided credentials. This enables a Kerb

[Freeipa-users] winsync: only synchronize existing user accounts?

2011-11-30 Thread Aram J. Agajanian
Is it possible to configure an AD synchronization with IPA but only for existing IPA accounts? Our AD has a lot of user accounts that the IPA won't need for now. I don't want to automatically add all of the additional user accounts to IPA. I can set up new IPA user accounts with the "ipa user-a

Re: [Freeipa-users] winsync: only synchronize existing user accounts?

2011-11-30 Thread Steven Jones
Hi, interesting. I thought I read it would only sync for new accounts created after the winsync was active?... I'd like to bring the lot across in my case but have them disabled but I'm buggered at the moment until the groups problem with sssd is fixed :/ regards Steven Jones Tec

Re: [Freeipa-users] ipa-client stall on 'args=getent passwd admin'

2011-11-30 Thread Craig T
brilliant! I checked /var/log/messages and found; Nov 30 10:33:58 chtvm-centos-6 sssd[be[teratext.saic.com.au]]: Starting up Nov 30 10:33:58 chtvm-centos-6 kernel: sssd_be[1516]: segfault at 10 ip 003a12a13eee sp 7fffdb5e3b60 error 4 in libldap-2.4.so.2.5.2[3a12a0+43000] Nov 30 10

[Freeipa-users] Solaris 10 as IPA Client?

2011-11-30 Thread Craig T
Hi, Anyone had any success using Solaris 10 as an IPA client (using ipa-server-2.1.1-4.el6.x86_64)? Does anyone have any more detailed documentation on the topic? I find that Section "3.3.1. Configuring Solaris 10" from the Identity Management Guide very light. #Solaris 10 (Newest Edition)