Re: [Freeipa-users] HBAC - expected behaviour?

2014-02-03 Thread Martin Kosek
On 02/04/2014 05:11 AM, Les Stott wrote: > Hi, > > Running freeipa 3.0.0-37.el6 on rhel 6.4 and just had a query about HBAC > rules and how the global allow_all rule applies. > > I configured a rule for a single host (host1) allowing access via ssh to only > a single user (john) via ssh. i.e. >

[Freeipa-users] How to restore an IPA Replica when the CSN number generator has moved impossibly far into the future or past

2014-02-03 Thread JR Aquino
If you are seeing clock skew errors in /var/log/dirsrv/slapd-EXAMPLE-COM/errors that look like this, then you will need to verify the time/date of the server to make sure NTP isn't freaked out. If the system date is correct, it is possible that the change number generator has skewed. [01/Feb/2014:14

[Freeipa-users] HBAC - expected behaviour?

2014-02-03 Thread Les Stott
Hi, Running freeipa 3.0.0-37.el6 on rhel 6.4 and just had a query about HBAC rules and how the global allow_all rule applies. I configured a rule for a single host (host1) allowing access via ssh to only a single user (john) via ssh. i.e. # ipa hbacrule-show host1_access Rule name: host1_acc

Re: [Freeipa-users] Deploying freeipa behind nginx

2014-02-03 Thread Steve Severance
So I understand the mitigation of CSRF attacks. I would like ipa to be able to handle a specific set of referers. My use case may be less common since my freeipa instance is handling our server infrastructure not desktops. I have everything working now. Here is an example nginx server config in ca

Re: [Freeipa-users] Deploying freeipa behind nginx

2014-02-03 Thread Alexander Bokovoy
On Mon, 03 Feb 2014, Steve Severance wrote: Yes it works if I specify the -s as ldap.mycorp.com. So we have progress! It now appears to authenticate fine when it posts the session but I have a new error. I get an Ipa Error 911 "Missing HTTP referer. You have to configure your browser to send HT

Re: [Freeipa-users] Deploying freeipa behind nginx

2014-02-03 Thread Steve Severance
Yes it works if I specify the -s as ldap.mycorp.com. So we have progress! It now appears to authenticate fine when it posts the session but I have a new error. I get an Ipa Error 911 "Missing HTTP referer. You have to configure your browser to send HTTP referer header." I assume this is because t

Re: [Freeipa-users] Certificate system unavailable

2014-02-03 Thread Martin Kosek
On 01/31/2014 08:32 PM, Rob Crittenden wrote: > Sigbjorn Lie wrote: >> >> >> >> On Fri, January 17, 2014 16:37, Rob Crittenden wrote: >>> Sigbjorn Lie wrote: >>> This worked better than expected. Thank you! :) ipa01 and ipa02 seem to be happy again, "getcert list" no longer