On ti, 25 loka 2016, Fraser Tweedale wrote:
On Tue, Oct 25, 2016 at 08:01:59AM +0300, Alexander Bokovoy wrote:
On ti, 25 loka 2016, Fraser Tweedale wrote:
> On Mon, Oct 24, 2016 at 12:30:10AM -0700, Fil Di Noto wrote:
> > On Sun, Oct 23, 2016 at 9:53 PM, Fraser Tweedale
wrote:
> > > On Sun, Oc
On 24/10/16 19:26, Gilbert Wilson wrote:
On Oct 24, 2016, at 5:51 AM, David Kupka wrote:
On 22/10/16 00:15, Gilbert Wilson wrote:
We have a lot of FreeBSD systems that I would like to streamline certificate
issuance and renewal. Ideally, we could leverage our FreeIPA system's CA to do
this
On Tue, Oct 25, 2016 at 08:01:59AM +0300, Alexander Bokovoy wrote:
> On ti, 25 loka 2016, Fraser Tweedale wrote:
> > On Mon, Oct 24, 2016 at 12:30:10AM -0700, Fil Di Noto wrote:
> > > On Sun, Oct 23, 2016 at 9:53 PM, Fraser Tweedale
> > > wrote:
> > > > On Sun, Oct 23, 2016 at 08:37:15PM -0700, F
On ti, 25 loka 2016, Fraser Tweedale wrote:
On Mon, Oct 24, 2016 at 12:30:10AM -0700, Fil Di Noto wrote:
On Sun, Oct 23, 2016 at 9:53 PM, Fraser Tweedale wrote:
> On Sun, Oct 23, 2016 at 08:37:15PM -0700, Fil Di Noto wrote:
>> Hello,
>>
>>
>>
>> I would like to better understand why IPA require
On Mon, Oct 24, 2016 at 12:30:10AM -0700, Fil Di Noto wrote:
> On Sun, Oct 23, 2016 at 9:53 PM, Fraser Tweedale wrote:
> > On Sun, Oct 23, 2016 at 08:37:15PM -0700, Fil Di Noto wrote:
> >> Hello,
> >>
> >>
> >>
> >> I would like to better understand why IPA requires SAN (subject alternative
> >> n
I've seen some different behaviour. I've had errors for users (including
the admin user) trying to log in with possibly an expired password. Both
webui and ssh would fail, but kinit would work. I'm not sure if this is
related to the password's expiration or the account's expiration. My
/var/log/sec
> On Oct 24, 2016, at 5:51 AM, David Kupka wrote:
>
> On 22/10/16 00:15, Gilbert Wilson wrote:
>> We have a lot of FreeBSD systems that I would like to streamline certificate
>> issuance and renewal. Ideally, we could leverage our FreeIPA system's CA to
>> do this. But, certmonger doesn't run
On Mon, Oct 24, 2016 at 11:29:06AM -0400, William Muriithi wrote:
> Morning Jakub,
>
> >> However, I would like to tune this configuration to drop the domain
> >> component of the user and group names. I tried to do this by adding
> >> these settings to the [sssd] section in sssd.conf on the c
Morning Jakub,
>> However, I would like to tune this configuration to drop the domain
>> component of the user and group names. I tried to do this by adding
>> these settings to the [sssd] section in sssd.conf on the client:
>>
>>default_domain_suffix = example.au
>> full_name_format =
On 22/10/16 00:15, Gilbert Wilson wrote:
We have a lot of FreeBSD systems that I would like to streamline certificate
issuance and renewal. Ideally, we could leverage our FreeIPA system's CA to do
this. But, certmonger doesn't run on FreeBSD (or does it?). What other means
have other people tr
On 10/24/2016 01:21 PM, Günther J. Niederwimmer wrote:
Hello Ludwig,
thanks for the answer,
Am Montag, 24. Oktober 2016, 09:53:21 schrieb Ludwig Krispenz:
On 10/23/2016 03:01 PM, Günther J. Niederwimmer wrote:
I have added on my ipa (Master) Server this user and ACI with a ldif file
ldapmo
On 21/10/16 15:17, Brian Candler wrote:
Question: when a password expires, does it remain in a usable state in
the database indefinitely? For example, if someone comes along a year
after their password has expired, can they still login once with that
password?
This is actually what I want, but I
Hello Ludwig,
thanks for the answer,
Am Montag, 24. Oktober 2016, 09:53:21 schrieb Ludwig Krispenz:
> On 10/23/2016 03:01 PM, Günther J. Niederwimmer wrote:
> > I have added on my ipa (Master) Server this user and ACI with a ldif file
> >
> > ldapmodify -x -D 'cn=Directory Manager' -W
> > dn: u
Hello Sebastien,
the safest way is to create a WebUI plugin which rewrite definition of
radiobutton in deleter dialog. You can find radiobutton code in user.js,
line 989 (method IPA.user.create_active_user_del_dialog), where you need
to set default_value to true.
Several examples of plugins
These are both the subjects for the old and new root ca cert.
Subject: "CN=tokio-PAPRIKA-CA,DC=tokio,DC=local"
Subject Public Key Info:
Public Key Algorithm: PKCS #1 RSA Encryption
RSA Public Key:
Modulus:
d5:51:19:a0:7e:2
Hi,
On 10/23/2016 03:01 PM, Günther J. Niederwimmer wrote:
Hello,
I have added on my ipa (Master) Server this user and ACI with a ldif file
ldapmodify -x -D 'cn=Directory Manager' -W
dn: uid=system,cn=sysaccounts,cn=etc,dc=example,dc=com
changetype: add
objectclass: account
objectclass: simples
On Sun, Oct 23, 2016 at 9:53 PM, Fraser Tweedale wrote:
> On Sun, Oct 23, 2016 at 08:37:15PM -0700, Fil Di Noto wrote:
>> Hello,
>>
>>
>>
>> I would like to better understand why IPA requires SAN (subject alternative
>> name) entries to have a backing host record. In order to sign a certificate
>>
On ma, 24 loka 2016, Fraser Tweedale wrote:
On Sun, Oct 23, 2016 at 08:37:15PM -0700, Fil Di Noto wrote:
Hello,
I would like to better understand why IPA requires SAN (subject alternative
name) entries to have a backing host record. In order to sign a certificate
with a SAN that corresponded
18 matches
Mail list logo