Re: [Freeipa-users] LDAP authentication for 3rd party

On 12 April 2013 15:51, Simon Williams simon.willi...@thehelpfulcat.comwrote: I use Atlassian products, but use Crowd to provide single signon. This means that Crowd is the only application that needs to authenticate against LDAP. I found that I had to tell Crowd that the server was 389 DS. I

Re: [Freeipa-users] User Roles and access in GUI

On 04/12/2013 01:07 AM, Chandan Kumar wrote: Hello, I have a question regarding Uer Roles and Access in GUI. What I have found that irrespective of Role assigned to a user, he gets read only access across the directory. For example, I created one user say dnsadmin with only Roles

Re: [Freeipa-users] EXTERNAL: Re: ipa-replica-install errors

Hey, I tried recreating the replica information and doing the ipa-replica-install and it's still failing at trying to start the replication. I've also tried doing a force sync and it comes up with that generation ID error. Matt -Original Message- From: Jatin Nansi

Re: [Freeipa-users] User Roles and access in GUI

On 04/12/2013 02:23 AM, Martin Kosek wrote: On 04/12/2013 01:07 AM, Chandan Kumar wrote: Hello, I have a question regarding Uer Roles and Access in GUI. What I have found that irrespective of Role assigned to a user, he gets read only access across the directory. For example, I created

Re: [Freeipa-users] LDAP authentication for 3rd party

On 04/11/2013 11:58 PM, Peter Brown wrote: On 12 April 2013 15:51, Simon Williams simon.willi...@thehelpfulcat.com mailto:simon.willi...@thehelpfulcat.com wrote: I use Atlassian products, but use Crowd to provide single signon. This means that Crowd is the only application that needs

[Freeipa-users] bit OT: trouble getting nfsv4 with kerberos with ipa and opensolaris

hi, apparently what I am trying to do is not very usual because I do not get any answer on the omnios (opensolaris derivative) mailing list. I have successfully joined a host to the ipa domain, I can log in the omnios host as an ipa user, getent works, kerberos works (thanks to Johan Petersson

Re: [Freeipa-users] bit OT: trouble getting nfsv4 with kerberos with ipa and opensolaris

On 04/12/2013 03:35 PM, Natxo Asenjo wrote: hi, apparently what I am trying to do is not very usual because I do not get any answer on the omnios (opensolaris derivative) mailing list. I have successfully joined a host to the ipa domain, I can log in the omnios host as an ipa user, getent

Re: [Freeipa-users] bit OT: trouble getting nfsv4 with kerberos with ipa and opensolaris

Your syntax seem correct but you need to quote the value. Natxo Asenjo natxo.ase...@gmail.com wrote: hi, apparently what I am trying to do is not very usual because I do not get any answer on the omnios (opensolaris derivative) mailing list. I have successfully joined a host to the ipa domain,

Re: [Freeipa-users] bit OT: trouble getting nfsv4 with kerberos with ipa and opensolaris

hi, thanks, still not working though: # share -F nfs -o sec=krb5 -d homedirs /export/home Could not share: /export/home: invalid security type # zfs set sharenfs=sec=krb5 rpool/export/home cannot set property for 'rpool/export/home': 'sharenfs' cannot be set to invalid options # zfs set

Re: [Freeipa-users] bit OT: trouble getting nfsv4 with kerberos with ipa and opensolaris

zfs set sharenfs='sec=krb5' pool/dataset Natxo Asenjo natxo.ase...@gmail.com wrote: hi, thanks, still not working though: # share -F nfs -o sec=krb5 -d homedirs /export/home Could not share: /export/home: invalid security type # zfs set sharenfs=sec=krb5 rpool/export/home cannot set property

Re: [Freeipa-users] User Roles and access in GUI

Thanks for the response. The way we can turn off the anonymous bind in 389 Server. using nsslapd-allow-anonymous-access: off. Is there any way to limit the read access of user to only to the DNS entries? In that way I can create a user who could/will be able to see/edit DNS entries only.