On 24.11.2016 06:08, TomK wrote:
> On 11/23/2016 3:28 AM, Martin Basti wrote:
>>
>>
>> On 23.11.2016 03:48, TomK wrote:
>>> On 11/22/2016 10:22 AM, Martin Basti wrote:
On 22.11.2016 13:57, TomK wrote:
> On 11/22/2016 2:59 AM, Martin Basti wrote:
>> Hey,
>>
>>
>> O
Hello Guys, we need help to establish a trust from freeipa to ad. Ad users
should be able to access to linux environment, but linux users not to ad
environment.
our setup:
AD Domain:
domain.com, there we have two AD-Controllers installed wird Windows Server
2008. All users are managed here.
I
.. in order to satisfy classic Samba (which still uses
openldap for user db backend but needs computer unix
account) which complains:
Failed to find a Unix account for yourcomp$
?
many thanks,
L.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/l
On Thu, 2016-11-24 at 12:59 +, lejeczek wrote:
> .. in order to satisfy classic Samba (which still uses
> openldap for user db backend but needs computer unix
> account) which complains:
> Failed to find a Unix account for yourcomp$
>
> ?
If this is on a client machine for its own computer
On 24/11/16 15:10, Simo Sorce wrote:
On Thu, 2016-11-24 at 12:59 +, lejeczek wrote:
.. in order to satisfy classic Samba (which still uses
openldap for user db backend but needs computer unix
account) which complains:
Failed to find a Unix account for yourcomp$
?
If this is on a client m
I'm writing a bit of code using ipalib directly, I'm a little stuck on
authentication though.
It works fine if grab a Kerberos ticket with kinit then run the code
interactively, but I'd like to run this as a daemon which makes maintaining a
ticket tricky.
What other options are there for authe
On 11/24/2016 04:27 PM, Adam Bishop wrote:
I'm writing a bit of code using ipalib directly, I'm a little stuck on
authentication though.
It works fine if grab a Kerberos ticket with kinit then run the code
interactively, but I'd like to run this as a daemon which makes maintaining a
ticket tr
On to, 24 marras 2016, Adam Bishop wrote:
I'm writing a bit of code using ipalib directly, I'm a little stuck on
authentication though.
It works fine if grab a Kerberos ticket with kinit then run the code
interactively, but I'd like to run this as a daemon which makes
maintaining a ticket tricky
On 24.11.2016 16:57, Alexander Bokovoy wrote:
On to, 24 marras 2016, Adam Bishop wrote:
I'm writing a bit of code using ipalib directly, I'm a little stuck on
authentication though.
It works fine if grab a Kerberos ticket with kinit then run the code
interactively, but I'd like to run this as
On 2016-11-24 16:27, Adam Bishop wrote:
> I'm writing a bit of code using ipalib directly, I'm a little stuck on
> authentication though.
>
> It works fine if grab a Kerberos ticket with kinit then run the code
> interactively, but I'd like to run this as a daemon which makes maintaining a
> ti
.. for entities outside of it's own domain?
Would you use IPA this way?
I'm thinking - it would be nice that have one central
point(console) and manage all my "virtual" domains
certification, but, I'm not an expert on the subject.
And if yes then what would be the steps?
mthx,
L.
--
Manage y
On 24 Nov 2016, at 16:18, Christian Heimes wrote:
> for a service you can use a Kerberos keytab to authenticate. A keytab
> can be requested with ipa-getkeytab. The command will replace the
> password of the service with a random one.
Thanks everyone, I think using a key tab will be fine; having
4.2 is a one-way trust, by design.
http://www.freeipa.org/page/V4/One-way_trust
-Jake
From: "Denis Müller"
To: "freeipa-users"
Sent: Thursday, November 24, 2016 7:48:50 AM
Subject: [Freeipa-users] Can't establish a trust to AD
Hello Guys, we need help to establish a trust from freeipa
hi
I see this:
2 ranges matched
Range name: xx.id_range
First Posix ID of the range: 195240
Number of IDs in the range: 20
First RID of the corresponding RID range: 0
Domain SID of the trusted domain:
S-1-5-21-1144915091-2252175215-702530032
Range type: Act
On to, 24 marras 2016, Denis Müller wrote:
Hello Guys, we need help to establish a trust from freeipa to ad. Ad
users should be able to access to linux environment, but linux users
not to ad environment.
our setup:
AD Domain:
domain.com, there we have two AD-Controllers installed wird Windows
S
On 24/11/16 17:14, lejeczek wrote:
hi
I see this:
2 ranges matched
Range name: xx.id_range
First Posix ID of the range: 195240
Number of IDs in the range: 20
First RID of the corresponding RID range: 0
Domain SID of the trusted domain:
S-1-5-21-1144915091-2
On Thu, Nov 24, 2016 at 04:19:03PM +, lejeczek wrote:
> .. for entities outside of it's own domain?
> Would you use IPA this way?
>
> I'm thinking - it would be nice that have one central point(console) and
> manage all my "virtual" domains certification, but, I'm not an expert on the
> subjec
On 11/24/2016 4:49 AM, Petr Spacek wrote:
On 24.11.2016 06:08, TomK wrote:
On 11/23/2016 3:28 AM, Martin Basti wrote:
On 23.11.2016 03:48, TomK wrote:
On 11/22/2016 10:22 AM, Martin Basti wrote:
On 22.11.2016 13:57, TomK wrote:
On 11/22/2016 2:59 AM, Martin Basti wrote:
Hey,
On 22.11.
On 11/16/2016 11:23 AM, Sean Hogan wrote:
Yes... just got 2 of them from same address.. kimi rachel
Sean Hogan
Inactive hide details for Tony Brian Albers ---11/15/2016 11:54:35
PM---Hehe, just you wait Lachlan ;) /tonyTony Brian Albers ---11/15/2016
11:54:35 PM---Hehe, just you wait
Yeah, im getting spam too!
Denis
Am Freitag, den 25.11.2016, 00:15 -0500 schrieb TomK:
On 11/16/2016 11:23 AM, Sean Hogan wrote:
Yes... just got 2 of them from same address.. kimi rachel
Sean Hogan
Inactive hide details for Tony Brian Albers ---11/15/2016 11:54:35
PM---Hehe, just
On 11/24/2016 07:30 PM, lejeczek wrote:
On 24/11/16 17:14, lejeczek wrote:
hi
I see this:
2 ranges matched
Range name: xx.id_range
First Posix ID of the range: 195240
Number of IDs in the range: 20
First RID of the corresponding RID range: 0
Domain SID of t
21 matches
Mail list logo
