Re: [Freeipa-users] krb5 and nfsv4 not working right

Try inserting this in /etc/gssproxy/gssproxy.conf: cred_store = ccache:FILE:/tmp/krb5cc_%U /etc/gssproxy/gssproxy.conf: [service/nfs-client] mechs = krb5 cred_store = keytab:/etc/krb5.keytab cred_store = ccache:FILE:/tmp/krb5cc_%U cred_store =

Re: [Freeipa-users] anyone else getting porn spam pretending to be replies to freeipa-users threads?

- On Nov 15, 2016, at 5:32 PM, Chris Dagdigian d...@sonsorol.org wrote: > Got a porn spam today that had a subject header of: > >> Re: [Freeipa-users] URL is changing on the browser > > Have to admit that got through my spam filter and got me to open the email. > > It's clear that it was

Re: [Freeipa-users] anyone else getting porn spam pretending to be replies to freeipa-users threads?

Hehe, just you wait Lachlan ;) /tony On 11/16/2016 01:56 AM, Lachlan Musicman wrote: > Gah, just happened to me. Wasn't porn, but was someone called Kimi and > the only content was "Heeey Lachlan, how's it going?" > > L. > > -- > The most dangerous phrase in the language is, "We've always

[Freeipa-users] Rhel 7 client enroll to Rhel 6 IPA server

Hello, I am starting to see some issues with a few RHEL7 boxes I have been enrolling to my RHEL 6 IPA server regarding encryption. RHEL 7 client Red Hat Enterprise Linux Server release 7.1 (Maipo) sssd-ipa-1.12.2-58.el7_1.18.x86_64 ipa-client-4.1.0-18.el7_1.4.x86_64 RHEL 6 Server Red Hat

Re: [Freeipa-users] anyone else getting porn spam pretending to be replies to freeipa-users threads?

Gah, just happened to me. Wasn't porn, but was someone called Kimi and the only content was "Heeey Lachlan, how's it going?" L. -- The most dangerous phrase in the language is, "We've always done it this way." - Grace Hopper On 16 November 2016 at 04:02, Martin Basti

[Freeipa-users] Shadow Utils appears in sssd.conf

I don't know what I've done wrong, but when I use ipa-client-install on a new host to add to my one way trust domain, I now have a [domain/shadowutils] stanza. This first happened a couple of weeks ago, I saw this bug and thought "it will be solved soon".

Re: [Freeipa-users] anyone else getting porn spam pretending to be replies to freeipa-users threads?

On 15.11.2016 17:32, Chris Dagdigian wrote: Got a porn spam today that had a subject header of: Re: [Freeipa-users] URL is changing on the browser Have to admit that got through my spam filter and got me to open the email. It's clear that it was not a list message; looks like

[Freeipa-users] anyone else getting porn spam pretending to be replies to freeipa-users threads?

Got a porn spam today that had a subject header of: Re: [Freeipa-users] URL is changing on the browser Have to admit that got through my spam filter and got me to open the email. It's clear that it was not a list message; looks like something may be mining the public list archives to pull

Re: [Freeipa-users] Wrong timestamp on ipaclient-install.log file and authentication problem

On 11/15/2016 03:45 PM, Tamer Ataol wrote: Hi, I am trying to make ipa-client-install work on Ubuntu 14.04.5. Everything works except it doesn't get ldap users from IPA Master. I dig issue a little bit and found out that ipaclient-install.log under /var/log/ directory uses wrong timestamp.

Re: [Freeipa-users] ipa-server-install & certificates

Op 15/11/2016 om 15:57:59 +0100, schreef Tomas Krizek: > On 11/15/2016 01:47 PM, Leo Baltus wrote: > > Hi, > > > > (first time user, firts post on this ML) > > > > I am setting up ipa-server on a fresh CentOS-7 system. > > > > After running: > > > > /usr/sbin/ipa-server-install -U --realm

Re: [Freeipa-users] ipa-server-install & certificates

On 11/15/2016 01:47 PM, Leo Baltus wrote: Hi, (first time user, firts post on this ML) I am setting up ipa-server on a fresh CentOS-7 system. After running: /usr/sbin/ipa-server-install -U --realm XXXY.NL --domain xxxy.nl \ --admin-password foobarxy --ds-password foobarxy \

[Freeipa-users] Wrong timestamp on ipaclient-install.log file and authentication problem

Hi, I am trying to make ipa-client-install work on Ubuntu 14.04.5. Everything works except it doesn't get ldap users from IPA Master. I dig issue a little bit and found out that ipaclient-install.log under /var/log/ directory uses wrong timestamp. Ubuntu's date is correct, it is set to Istanbul

Re: [Freeipa-users] Differences between "ipa-replica-manage connect --winsync..." and ipa-adtrust-install ... ipa trust-add...

On 15.11.2016 15:33, James Harrison wrote: Hello, Are there any differences between establishing a Replication Agreement using "ipa-replica-manage connect --winsync" and establishing an AD Trust Relationship using the commands ipa-adtrust-install ... ipa trust-add ... Are they used

[Freeipa-users] Differences between "ipa-replica-manage connect --winsync..." and ipa-adtrust-install ... ipa trust-add...

Hello,Are there any differences between establishing a Replication Agreement using "ipa-replica-manage connect --winsync"  and establishing an AD Trust Relationship using the commands  ipa-adtrust-install ...  ipa trust-add ... Are they used together or are they different methods to accomplish

[Freeipa-users] State of External Users feature

The documentation about "External Users in FreeIPA" ( http://www.freeipa.org/page/External_Users_in_IPA) has not been updated for quite some time. What is the current state of this feature? Is it still on the roadmap? Best regards, Christoph -- Manage your subscription for the Freeipa-users

[Freeipa-users] ipa-server-install & certificates

Hi, (first time user, firts post on this ML) I am setting up ipa-server on a fresh CentOS-7 system. After running: /usr/sbin/ipa-server-install -U --realm XXXY.NL --domain xxxy.nl \ --admin-password foobarxy --ds-password foobarxy \ --idstart 5000 \ --no-ntp Connecting my

[Freeipa-users] krb5 and nfsv4 not working right

Hi guys, I've followed every guide I can find on this subject. What I'm trying to is to get our home directories which are shared via NFS from the FreeIPA server mounted via autofs on the clients. The client is kact-man-001 and the FreeIPA server is kact-adm-001 /etc/exports: I've done the

Re: [Freeipa-users] How to verify user with proxy server

On 11/15/2016 09:38 AM, 郑磊 wrote: > Thanks for your reply. I may not have described clearly. My use case is that > I > have a freeipa user that uses password auth type by default, and I want to > use > radius auth tpye to verify user according to 3rd-party radius server. FreeIPA is able to

Re: [Freeipa-users] How to verify user with proxy server

Thanks for your reply. I may not have described clearly. My use case is that I have a freeipa user that uses password auth type by default, and I want to use radius auth tpye to verify user according to 3rd-party radius server. -- 祝： 工作顺利！生活愉快！