Re: [Freeipa-users] [Solved] Help with debugging HBACs

On Tue, Feb 17, 2015 at 03:47:39PM -0800, Andrew Egelhofer wrote: > Hi Sumit & FreeIPA Users- > > Your suggestion on updating the version of sssd worked like a charm. > Consider this issue solved. Thank you for the feedback, glad I could help. bye, Sumit > > Thanks Everyone, > -Andrew > > On

Re: [Freeipa-users] No LDAPS for dirsrv

On Wed, Feb 18, 2015 at 9:34 AM, Alexander Bokovoy wrote: > > Unfortunately this still didn't resolve the issue. After the system has >> been online for about 10 minutes, named starts complaining: >> Also ldapsearch just hangs if you try to perform any queries. >> Any ideas what could go wrong he

Re: [Freeipa-users] ad relation with winsync

Hi everyone, I'm back with my winsync replication. The replication process works fine, but whenI specify "OU=Linux,DC=mycompany,DC=com" where 2 users have been created, nothing is replicated. btw this is a big AD (90k objects). is it a problem? (idrange for example) If I replicate "cn=Users,DC=

Re: [Freeipa-users] Cross-Realm authentification

On 5.12.2014 22:24, Petr Spacek wrote: > On 5.12.2014 21:53, Alexander Bokovoy wrote: >> On Fri, 05 Dec 2014, Alexander Bokovoy wrote: >>> On Fri, 05 Dec 2014, Petr Spacek wrote: On 5.12.2014 15:21, Andreas Ladanyi wrote: > Am 05.12.2014 um 14:04 schrieb Alexander Bokovoy: >> >

Re: [Freeipa-users] ad relation with winsync

On 02/18/2015 01:13 AM, Nicolas Zin wrote: Hi everyone, I'm back with my winsync replication. The replication process works fine, but whenI specify "OU=Linux,DC=mycompany,DC=com" where 2 users have been created, nothing is replicated. btw this is a big AD (90k objects). is it a problem? (idran

[Freeipa-users] New Replacing Master server help

Hey all. We are in the process of essentially moving data centers while additionally changing to new OS(rhel from centos) - so we are building replica with master option servers to the new networks. version 3.0.. its up and is working as any of our instances. Question is how or what do I need t

Re: [Freeipa-users] New Replacing Master server help

On 02/18/2015 12:17 PM, Cory Carlton wrote: Hey all. We are in the process of essentially moving data centers while additionally changing to new OS(rhel from centos) - so we are building replica with master option servers to the new networks. version 3.0.. its up and is working as any of ou

Re: [Freeipa-users] Passsync fails to connect to LDAP

Sorry to be a pest, but I don't suppose you've heard back about this yet, have you? Thanks, Hugh -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project

Re: [Freeipa-users] New Replacing Master server help

Thank you very much for the straight forward items. I will continue use of these archives (impressed with this group). Also improving my use of https://fedorahosted.org/freeipa/wiki On Wed, Feb 18, 2015 at 12:46 PM, Dmitri Pal wrote: > On 02/18/2015 12:17 PM, Cory Carlton wrote: > > Hey all. >

Re: [Freeipa-users] ping: Fwd: Passsync fails to connect to LDAP

Hello Hugh, Could you tell us the version of 389-ds-base the PassSync is trying to access? If the directory server is not new enough (389-ds-base-*1.3.2.26 *or 389-ds-base-

[Freeipa-users] FreeIPA and Application Specific Passwords

Hello all, Am wondering what support FreeIPA has for Application Specific Passwords? My research seems to indicate 'none'. I've seen quite a few people ask about this, usually the example is wanting a separate password for dovecot etc. Google itself implemented this, allowing multiple passwords f

Re: [Freeipa-users] FreeIPA and Application Specific Passwords

Hi, There is always a tradeoff between ease of use, complexity/cost and security. Looking at what you have written suggests to me that your entire system lacks a proper security / network architecture model and you are trying to enforce a "policy" from one point, IPA. regards Steven __