Hi,
On Sat, 27 Jun 2015, Dmitri Pal wrote:
On 06/18/2015 05:09 AM, dbisc...@hrz.uni-kassel.de wrote:
I have a svnserve (Subversion 1.6.11) running on my IPA server. Currently,
there's a separate user database with SASL auth:
/etc/sasl2/svn.conf
---
pwcheck_method: auxprop
auxprop_plugin:
Hello.
Is it possible to use IPA with HP-UX servers (ldapux) to authenticate users
from AD via IPA-AD trusts, or such way only work for systems with sssd?
WBR,
Alexander Frolushkin
Cell +79232508764
Work +79232507764
?? ? ? ?
hi
i install centos 6.7 trust with Windows 2008 r2 (User AD can not Login)
and get log in IPA SERVER file: /var/log/krb5kdc.log
domain IPA: l.infotechpsp.net
++
Sep 09 15:09:20 ipareplica.l.infotechpsp.net krb5kdc[1518](info): AS_REQ (4
etypes {18 17 16 23}) 10.30.120.20:
On Wed, 09 Sep 2015, Morgan Marodin wrote:
Hi Alexander.
Ok, after enabling debugging I have these logs:
---
==> /var/log/httpd/error_log <==
INFO: Current debug levels:
all: 100
tdb: 100
printdrivers: 100
lanman: 100
smb: 100
On Wed, 09 Sep 2015, Alexander Frolushkin wrote:
Hello.
Is it possible to use IPA with HP-UX servers (ldapux) to authenticate
users from AD via IPA-AD trusts, or such way only work for systems with
sssd?
I suspect you need to test it -- set it up like against Netscape/iPlanet
directory server
On 09/05/2015 09:12 PM, Mateusz Małek wrote:
W dniu 01.09.2015 o 13:27, Petr Vobornik pisze:
On 08/27/2015 05:17 AM, Mateusz Małek wrote:
We're trying to adjust FreeIPA to our environment... quite a bit. Here
are some bullet points:
(...)
For points 3, 5, 6 and to limit available choices
On 5.9.2015 12:48, Günther J. Niederwimmer wrote:
> Hello,
>
> System CentOS 7.
>
> is it possible to change a certificate to add a subject alt name?
>
> My "Problem" is, I have a Mail Server with name smtp.example.com and the
> correct service certificates smtp/smtp.example.com &
Hi Alexander
IPv6 stack is disabled on my RHEL like distro, v 7 x64, but is enable on my
WIndows 2012.
I have read in a freeipa article to disable IPv6.
I've 2 Domain Controller with Windows Server 2012 and (at this time) one
new freeipa server, just installed, in the same network.
AD REALM is
On 9.9.2015 07:09, Alexander Bokovoy wrote:
> On Wed, 09 Sep 2015, John Keates wrote:
>> So I was having a DNS mess the other day and decided to clean it up.
>> Before, I was running Unbound on pfSense which then had a domain
>> override to the IPA box. It would forward all queries and IPA-wise
So to restore IPA I tried,
ipa-restore --data ipa-full-2015-09-10-10-28-11
and now I cannot loginopsie.
The admin user password doesnt work and neither do my own accounts.
NB I assume the flag --data restores the user data/HBAC rules etc?
regards
Steven
--
Manage your
On Thu, 10 Sep 2015, Alexander Frolushkin wrote:
Thank you,
so it may work or may not work - we need to try such configuration
first. I hoped somebody already do this and may share the experience :)
BTW, I already do some part of this work before - for native IPA users
it works, but of cause,
Thank you,
so it may work or may not work - we need to try such configuration first. I
hoped somebody already do this and may share the experience :)
BTW, I already do some part of this work before - for native IPA users it
works, but of cause, without HBAC.
WBR,
Alexander Frolushkin
Cell
Is there an equivalent host/computer default objectclasses that there is for
ipa config-mod -groupobjectclasses/--userobjectclasses ? We are wanting to add
some additional attributes to all of the servers, I'm able to add the object
class to individual servers but not sure on the procedure so
On Wed, 09 Sep 2015, Morgan Marodin wrote:
Hi Alexander
IPv6 stack is disabled on my RHEL like distro, v 7 x64, but is enable on my
WIndows 2012.
I have read in a freeipa article to disable IPv6.
Sorry, and why you did decide to disable IPv6 stack? FreeIPA article
explicitly talks about not
Ok I've got a strange one going on. I just updated several machines to RHEL
6.7 and seem to have broken my sudo rules. I've tracked the problem down to
having
Default_domain_suffix = ad.domain
In the sssd.conf. If I remove that I can login using the fqn from AD and sudo
rules are applied
I have a working IPA server and a working client config on an OpenSuse 13.2
with the following versions: nappali:~ # rpm -qa |grep sssd
sssd-tools-1.12.2-3.4.1.i586
sssd-krb5-1.12.2-3.4.1.i586
python-sssd-config-1.12.2-3.4.1.i586
sssd-ipa-1.12.2-3.4.1.i586
sssd-1.12.2-3.4.1.i586
Hello,
I was wondering if anyone has played with thee extended logging of IPA
and specifically SSSD and the kibana dashboards they put together.
https://www.freeipa.org/page/Centralized_Logging
I can't seem to get "clients" to send the login info
17 matches
Mail list logo