>On Thu, Nov 12, 2015 at 08:55:25PM +0100, Martin Kosek wrote:
>> On 11/12/2015 04:51 PM, Terry John wrote:
>> >
>> >I got a core dump of certmonger failing user abrt but it's huge. Is there
>> >any particular part that would be useful.
>>
>> CCing Nalin and David for the core dump. More below.
Jeffrey Stormshak wrote:
Thank you for the response. If I may, can you expand more on the sudoers
response?
More details from my configuration ...
The current setup for me is that all my sudoers rules/commands and groups are
defined and stored in the RHEL 7.1 IDM LDAP. When I create the
Thank you for the response. If I may, can you expand more on the sudoers
response?
More details from my configuration ...
The current setup for me is that all my sudoers rules/commands and groups are
defined and stored in the RHEL 7.1 IDM LDAP. When I create the
/etc/sudo-ldap.conf
Thanks Rob! Sorry, I didn't forget to mention what was the message. It
basically stated the message listed below.
Sorry, user plmoss may not run sudo on client_server
Let me try your suggestions and see if that helps lead me down the right path.
Once again, thanks for this feedback. Oh how
I meant "did" forget. Silly typo on my behalf...
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Jeffrey Stormshak
Sent: Tuesday, November 17, 2015 10:44 AM
To: Rob Crittenden; Jakub Hrozek; freeipa-users@redhat.com
Hi all,
Splitting ipausers helped ipa user-add speed a lot. Two other things helped:
1) Setting nsslapd-cachememsize much larger than the size of the
id2entry file
2) Increasing the size of the DN cache size, nsslapd-ndn-cache-max-size
I've got 60,000+ users now and user-add only takes
I'm putting together a java kerberos client and am having an issue
getting a SGT form IPA. I get a TGT without issue, but when I submit
the TGS-REQ I get the following errors in the ipa log:
Nov 17 20:53:15 freeipa.rhelent.lan krb5kdc[7507](info): AS_REQ (1
etypes {17}) 192.168.2.129: ISSUE:
On Fri, Nov 13, 2015 at 12:00:16PM +0100, Martin Kosek wrote:
> On 11/13/2015 11:14 AM, Terry John wrote:
> >>On 11/12/2015 04:51 PM, Terry John wrote:
> >>>I got a core dump of certmonger failing user abrt but it's huge. Is there
> >>>any particular part that would be useful.
> >
> >>CCing Nalin
I found the problem and opened a new ticket at
https://fedorahosted.org/freeipa/ticket/5456
Am 17.11.2015 um 03:56 schrieb Jens Dieskau:
Hello everybody,
Since the last version of FreeIPA I cannot add or delete any ssh user
keys for synced users. Neither on commandline nor web ui.
It works
On Mon, Nov 16, 2015 at 08:58:37PM +, Jeffrey Stormshak wrote:
> Greetings ---
> I'm in the process of deploying the RHEL 7.1 IDM into my enterprise and we
> have a great number of Oracle Linux 5.5 servers. Upon research from Oracle
> (ULN Channels) the Linux "ipa-client" was only released
you could set minssf:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/SecureConnections.html#requiring-secure-connections
On 11/18/2015 07:24 AM, Prashant Bapat wrote:
Hi,
We have a pair of freeipa servers (4.1.4) and a bunch of Linux clients
Hi,
We have a pair of freeipa servers (4.1.4) and a bunch of Linux clients
configured to talk to them thru pam-nss-ldapd (no sssd). I want to ensure
that these clients only talk to freeipa's LDAP server either via ldaps or
ldap+starttls. Plain ldap should not be allowed.
I can always switch to
12 matches
Mail list logo