On 04/24/2014 10:46 PM, Dmitri Pal wrote:
On 04/23/2014 07:23 PM, Stephen Benjamin wrote:
...
I am not sure it is doing the right thing. In the blog you specify
bindpw for SUDO, this means you are configuring SUDO without SSSD
integration. If you use IPA it is a command switch on the
On 25.4.2014 09:07, Martin Kosek wrote:
On 04/24/2014 10:46 PM, Dmitri Pal wrote:
On 04/23/2014 07:23 PM, Stephen Benjamin wrote:
...
I am not sure it is doing the right thing. In the blog you specify
bindpw for SUDO, this means you are configuring SUDO without SSSD
integration. If you use
What are the certs for?
At the moment for a third party application however we would like to
issue our own certs for everything SSL such as LDAPs or OpenVPN. It is
quite a powerful feature to be able to install an organisations root
key on a clients machine and then be able to bosh out certs at
On 04/25/2014 01:59 AM, Chris Whittle wrote:
I am wanting to use Free IPA as the authentication source for Google Apps. I
can't seem to find any documentation on how to accomplish this. Anyone have
any
experience they would be willing to share? Or install is on CentOS 6.5 fyi.
I did a
On 04/25/2014 09:50 AM, Andrew Holway wrote:
Hello,
I am having a think about running freeipa on the open seas for more
distributed organisations and would like to understand where the
weaknesses might be. I would almost certainly only make the ui
unavailable however I am unsure about the
- Original Message -
From: Jan Cholasta jchol...@redhat.com
To: Martin Kosek mko...@redhat.com, d...@redhat.com, Stephen Benjamin
stben...@redhat.com
Cc: freeipa-users@redhat.com
Sent: Friday, April 25, 2014 9:44:37 AM
Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5
AFAIK you
On 04/25/2014 10:16 AM, Stephen Benjamin wrote:
- Original Message -
From: Jan Cholasta jchol...@redhat.com
To: Martin Kosek mko...@redhat.com, d...@redhat.com, Stephen Benjamin
stben...@redhat.com
Cc: freeipa-users@redhat.com
Sent: Friday, April 25, 2014 9:44:37 AM
Subject: Re:
On 25.4.2014 00:15, Dave Jones wrote:
Hi Rob,
I was considering installing replicas using puppet. Having pre-prepared
replica files available would be easier than having to run an
ipa-replica-prepare and scp copy.
I had guessed the ldap/kerberos replication would handle the
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Stephen Benjamin stben...@redhat.com, Jan Cholasta
jchol...@redhat.com
Cc: d...@redhat.com, freeipa-users@redhat.com, Tomas Babej
tba...@redhat.com
Sent: Friday, April 25, 2014 10:54:13 AM
Subject: Re: [Freeipa-users]
Thanks Martin, I found a few notes on FreeIPA and GADS but most were people
saying not to do it on principal but nothing saying if it's possible or not.
I like the SAML option, including the mysterious ipsilon (Is there anything
more than the git repo yet?), but wonder how much control it has.
On Fri, 2014-04-25 at 07:27 -0500, Chris Whittle wrote:
Thanks Martin, I found a few notes on FreeIPA and GADS but most were people
saying not to do it on principal but nothing saying if it's possible or not.
I like the SAML option, including the mysterious ipsilon (Is there anything
more
Thank you Simo! Does anyone have any more info/experience on using GADS
and FreeIPA that they would be willing to share?
On Fri, Apr 25, 2014 at 7:39 AM, Simo Sorce sso...@redhat.com wrote:
On Fri, 2014-04-25 at 07:27 -0500, Chris Whittle wrote:
Thanks Martin, I found a few notes on FreeIPA
On 04/25/2014 07:44 AM, Martin Kosek wrote:
On 04/25/2014 01:23 PM, Stephen Benjamin wrote:
...
authconfig --nisdomain example.com --update
nisdomainname example.com
On Fedora or RHEL 7.0, you would also need to enable systemd service to
make
the NIS domain name setup persistent:
# service
On 04/25/2014 05:06 AM, Petr Spacek wrote:
On 25.4.2014 00:15, Dave Jones wrote:
Hi Rob,
I was considering installing replicas using puppet. Having
pre-prepared replica files available would be easier than having to
run an ipa-replica-prepare and scp copy.
I had guessed the ldap/kerberos
On 04/25/2014 03:57 AM, Andrew Holway wrote:
What are the certs for?
At the moment for a third party application however we would like to
issue our own certs for everything SSL such as LDAPs or OpenVPN. It is
quite a powerful feature to be able to install an organisations root
key on a clients
On 04/25/2014 09:52 AM, Stephen Benjamin wrote:
- Original Message -
From: Dmitri Pal d...@redhat.com
To: Martin Kosek mko...@redhat.com, Stephen Benjamin stben...@redhat.com
Cc: Jan Cholasta jchol...@redhat.com, freeipa-users@redhat.com, Tomas Babej
tba...@redhat.com
Sent: Friday,
On 04/25/2014 09:51 AM, Simo Sorce wrote:
On Fri, 2014-04-25 at 09:29 -0400, Dmitri Pal wrote:
On 04/25/2014 08:39 AM, Simo Sorce wrote:
On Fri, 2014-04-25 at 07:27 -0500, Chris Whittle wrote:
Thanks Martin, I found a few notes on FreeIPA and GADS but most were people
saying not to do it on
On Fri, 2014-04-25 at 10:00 -0400, Dmitri Pal wrote:
On 04/25/2014 09:51 AM, Simo Sorce wrote:
On Fri, 2014-04-25 at 09:29 -0400, Dmitri Pal wrote:
On 04/25/2014 08:39 AM, Simo Sorce wrote:
On Fri, 2014-04-25 at 07:27 -0500, Chris Whittle wrote:
Thanks Martin, I found a few notes on
Dmitri Pal wrote:
On 04/25/2014 05:06 AM, Petr Spacek wrote:
On 25.4.2014 00:15, Dave Jones wrote:
Hi Rob,
I was considering installing replicas using puppet. Having
pre-prepared replica files available would be easier than having to
run an ipa-replica-prepare and scp copy.
I had guessed
- Original Message -
From: Dmitri Pal d...@redhat.com
To: Stephen Benjamin stben...@redhat.com
Cc: Martin Kosek mko...@redhat.com, Jan Cholasta jchol...@redhat.com,
freeipa-users@redhat.com, Tomas Babej
tba...@redhat.com
Sent: Friday, April 25, 2014 3:59:31 PM
Subject: Re:
On 04/25/2014 10:29 AM, Stephen Benjamin wrote:
- Original Message -
From: Dmitri Pal d...@redhat.com
To: Stephen Benjamin stben...@redhat.com
Cc: Martin Kosek mko...@redhat.com, Jan Cholasta jchol...@redhat.com,
freeipa-users@redhat.com, Tomas Babej
tba...@redhat.com
Sent: Friday,
This type of behavior is generally beyond what Puppet should do
because it involves two systems retrieving information directly from
one another and the puppet master can't reasonably serve as the
repository of that information. Using a separate tool will likely work
better. There's at least two
On 04/25/2014 12:48 PM, Justin Brown wrote:
This type of behavior is generally beyond what Puppet should do
because it involves two systems retrieving information directly from
one another and the puppet master can't reasonably serve as the
repository of that information. Using a separate tool
Justin Brown wrote:
This type of behavior is generally beyond what Puppet should do
because it involves two systems retrieving information directly from
one another and the puppet master can't reasonably serve as the
repository of that information. Using a separate tool will likely work
better.
24 matches
Mail list logo