We were playing with rotating CA for FreeIPA as an DR procedure. I wouldn't
use this how to unless completely necessary as it will mean many manual
tasks on your infrastructure. But to know how it could be done:
1) ipa backup:
/var/lib/dirsrv/scripts-KOKOTINA/db2bak.pl -v -D "cn=directory manager
Lukáš Bezdička wrote:
We were playing with rotating CA for FreeIPA as an DR procedure. I
wouldn't use this how to unless completely necessary as it will mean
many manual tasks on your infrastructure. But to know how it could be done:
This approach can work. It should be considered a last resort
I have successfully configured FreeIPA to auto-mount the home directory
for FreeIPA users. But on those occasions when I need to login as the
local administrator I can not get a home directory:
[root@host ~]# ssh local@fedora19
local@fedora19's password:
Could not chdir to home directory /home/l
On 06/14/2013 10:31 AM, Petr Viktorin wrote:
On 06/14/2013 03:37 PM, Josh wrote:
I'm trying to install freeipa on RHEL6.4 running version
ipa-server-3.0.0-26.el6_4.2.x86_64 but it keeps failing at the
"Configuration of CA failed". I believe the problem is that the python
used to generate the pe
A couple of things to check (you probably have done this thought)...
- Make sure the entry in /etc/nsswitch.conf reads:
automount: files sss
- Also, do you have a "local" account entry in /etc/passwd? That may
confuse things...
Tom
On Tue, Jun 18, 2013 at 1:12 PM, Dean Hunter wrote:
> I ha
Thank you for your response. As you suggested I
checked /etc/nsswitch.conf. ipa-client-automount left the line looking
like:
automount: sss files
So I changed it to:
automount: files sss
rebooted and tried again. The results were the same.
I also checked /etc/passwd. There is an entry for loc
We are migrating from an ancient FreeIPA 2.0 server to a 3.1.5 server. Is
there a documented procedure to export all the data from the 2.0 server and
import it into the 3.1.5 server?
If I copy files over (PKI DB, main IPA DB, Kerberos stuff), will they be
upgraded on next restart, or is it much
Are you trying to mount the network home dirs to /home? I usually do something
like create /home/net/ and mount them there. That way local users home dirs do
not match an auto mount key.
Brian
On Jun 18, 2013, at 4:49 PM, Dean Hunter wrote:
> Thank you for your response. As you suggested
On 06/19/2013 02:09 AM, Joshua J. Kugler wrote:
> We are migrating from an ancient FreeIPA 2.0 server to a 3.1.5 server. Is
> there a documented procedure to export all the data from the 2.0 server and
> import it into the 3.1.5 server?
Not yet (but there will be till the end of June) - you can
