Re: [Freeipa-users] AD Trust - Cannot resolve servers for KDC after reboot

2014-09-22 Thread Petr Spacek
On 19.9.2014 23:15, Genadi Postrilko wrote: The DNS server service of AD is running. I am able to resolve with nslookup command. I have just restarted the named service and I am able to kinit again. It looks like the named daemon cannot recognize that the forwarder is back online. Is there

Re: [Freeipa-users] PKI-CA fails to start (broken config after update?)

2014-09-22 Thread Martin Kosek
On 09/20/2014 01:02 AM, swartz wrote: Hello, Encountered same issue as described here: https://www.redhat.com/archives/freeipa-users/2013-July/msg00133.html https://www.redhat.com/archives/freeipa-users/2014-August/msg00224.html Plain vanilla IPA setup. No changes, no customizations.

[Freeipa-users] weak and null ciphers detected on ldap ports

2014-09-22 Thread Murty, Ajeet (US - Arlington)
Security scan of FreeIPA server ports uncovered weak, medium and null ciphers on port 389 and 636. We are running ‘ipa-server-3.0.0-37.el6.i686’. How can I disable/remove these ciphers in my existing setup? Ciphers Discovered - TLSv1 EXP-RC2-CBC-MD5 Kx=RSA(512)Au=RSA

Re: [Freeipa-users] PKI-CA fails to start (broken config after update?)

2014-09-22 Thread Ade Lee
On Mon, 2014-09-22 at 10:50 +0200, Martin Kosek wrote: On 09/20/2014 01:02 AM, swartz wrote: Hello, Encountered same issue as described here: https://www.redhat.com/archives/freeipa-users/2013-July/msg00133.html https://www.redhat.com/archives/freeipa-users/2014-August/msg00224.html

Re: [Freeipa-users] PKI-CA fails to start (broken config after update?)

2014-09-22 Thread Ade Lee
On Mon, 2014-09-22 at 10:43 -0400, Ade Lee wrote: On Mon, 2014-09-22 at 10:50 +0200, Martin Kosek wrote: On 09/20/2014 01:02 AM, swartz wrote: Hello, Encountered same issue as described here: https://www.redhat.com/archives/freeipa-users/2013-July/msg00133.html

[Freeipa-users] copy encrypted password into IPA?

2014-09-22 Thread Ron
We would like to add some users that are currently in the password/shadow files on some servers into IPA. Is there any way to copy (preferably via a script) the encrypted password into IPA so that we do not have to have them reset their passwords? Our idea is to use the IPA user-add command

Re: [Freeipa-users] copy encrypted password into IPA?

2014-09-22 Thread Dmitri Pal
On 09/22/2014 02:23 PM, Ron wrote: We would like to add some users that are currently in the password/shadow files on some servers into IPA. Is there any way to copy (preferably via a script) the encrypted password into IPA so that we do not have to have them reset their passwords? Our idea is

Re: [Freeipa-users] apache kerberized nfs4 /var/www/html access denied for apache user

2014-09-22 Thread Dmitri Pal
On 09/20/2014 05:19 PM, Simo Sorce wrote: On Sat, 20 Sep 2014 19:44:28 +0200 Rob Verduijn rob.verdu...@gmail.com wrote: Hi again, Thank you for the quick response. I've removed the credstore entries that are not necessary for the nfs access. Now the users no longer go through gssproxy, but

Re: [Freeipa-users] copy encrypted password into IPA?

2014-09-22 Thread Rob Crittenden
Dmitri Pal wrote: On 09/22/2014 02:23 PM, Ron wrote: We would like to add some users that are currently in the password/shadow files on some servers into IPA. Is there any way to copy (preferably via a script) the encrypted password into IPA so that we do not have to have them reset their

Re: [Freeipa-users] PKI-CA fails to start (broken config after update?)

2014-09-22 Thread swartz
On 9/22/2014 9:14 AM, Ade Lee wrote: Another question - what is the output of ls -l /etc/pki-ca/CS.cfg ? ls -l /etc/pki-ca/CS.cfg -rw-r-. 1 pkiuser pkiuser 49196 Sep 19 11:29 /etc/pki-ca/CS.cfg I know that I did NOT change the configs myself. But something certainly did during 'yum

Re: [Freeipa-users] apache kerberized nfs4 /var/www/html access denied for apache user

2014-09-22 Thread Simo Sorce
On Mon, 22 Sep 2014 15:09:42 -0400 Dmitri Pal d...@redhat.com wrote: On 09/20/2014 05:19 PM, Simo Sorce wrote: On Sat, 20 Sep 2014 19:44:28 +0200 Rob Verduijn rob.verdu...@gmail.com wrote: Hi again, Thank you for the quick response. I've removed the credstore entries that are not

Re: [Freeipa-users] weak and null ciphers detected on ldap ports

2014-09-22 Thread Nathan Kinder
On 09/22/2014 05:03 AM, Murty, Ajeet (US - Arlington) wrote: Security scan of FreeIPA server ports uncovered weak, medium and null ciphers on port 389 and 636. We are running ‘ipa-server-3.0.0-37.el6.i686’. How can I disable/remove these ciphers in my existing setup? This has recently been

Re: [Freeipa-users] copy encrypted password into IPA?

2014-09-22 Thread Jitse Klomp
2014-09-22 21:31 GMT+02:00 Rob Crittenden rcrit...@redhat.com: The trick is having the hash in a format acceptable to 389-ds. I know it works with crypt, you just need to prefix it with {crypt}hash. For other formats, I don't know. {SHA}hash works as well - Jitse

Re: [Freeipa-users] PKI-CA fails to start (broken config after update?)

2014-09-22 Thread Ade Lee
On Mon, 2014-09-22 at 13:39 -0600, swartz wrote: On 9/22/2014 9:14 AM, Ade Lee wrote: Another question - what is the output of ls -l /etc/pki-ca/CS.cfg ? ls -l /etc/pki-ca/CS.cfg -rw-r-. 1 pkiuser pkiuser 49196 Sep 19 11:29 /etc/pki-ca/CS.cfg In very rare cases, I've seen cases where