Re: [Freeipa-users] Backend & UI plugin update for 4.4.x

And now I'm convinced this has nothing to do with my plugin and instead is a bug somewhere in FreeIPA. I removed the entirety of the "astrocustom" plugin that I wrote, restarted httpd, and force reloaded the page in chrome. I clicked to add a new user, gave the basic information, and clicked "add

[Freeipa-users] HBAC trust groups inconsistent

Hello, I have been testing Freeipa since 4.2 and am very impressed overall. A pending issue I have not been able to resolve is getting HBAC to work consistently. I’m limited to an AD-trust scenario where AD groups are mapped to Posix groups. While ‘id user@domain’ will return all groups for new

Re: [Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, ) [Internal Error (System error)]

On 01/24/2017 04:18 PM, Harald Dunkel wrote: Hi Thierry, On 01/24/17 15:01, thierry bordaz wrote: Hopefully yes, but there were 2 conflicts that already made some problems: deleting entry "cn=ipaservers+nsuniqueid=109be304-ccd911e6-a5b3d0c8-d8da17db,cn=ng,cn=alt,dc=example,dc=de"

Re: [Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, ) [Internal Error (System error)]

Hi Thierry, On 01/24/17 15:01, thierry bordaz wrote: >> Hopefully yes, but there were 2 conflicts that already made some >> problems: >> >> deleting entry >> "cn=ipaservers+nsuniqueid=109be304-ccd911e6-a5b3d0c8-d8da17db,cn=ng,cn=alt,dc=example,dc=de" >> ldap_delete: Server is unwilling to

Re: [Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, ) [Internal Error (System error)]

On 01/24/2017 02:22 PM, Harald Dunkel wrote: On 01/24/17 12:57, thierry bordaz wrote: If I understand correctly the iterations of development I do not understand why, at this point, you need to reconnect ipabak. After you create ipabak replica, you take a snapshot of it (let ipabak_0), then

Re: [Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, ) [Internal Error (System error)]

On 01/24/17 12:57, thierry bordaz wrote: > > If I understand correctly the iterations of development I do not understand > why, at this point, you need to reconnect ipabak. > After you create ipabak replica, you take a snapshot of it (let ipabak_0), > then disconnect it from ipa1/ipa2. > > Then

Re: [Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, ) [Internal Error (System error)]

On 01/24/2017 12:36 PM, Harald Dunkel wrote: Hi Thierry, On 01/23/17 17:45, thierry bordaz wrote: On 01/23/2017 05:09 PM, Harald Dunkel wrote: I created a full replica (including CA) in an LXC container today ("ipabak"). The idea is to take a snapshot of the whole container, run ipabak with

Re: [Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, ) [Internal Error (System error)]

Hi Thierry, On 01/23/17 17:45, thierry bordaz wrote: > > > On 01/23/2017 05:09 PM, Harald Dunkel wrote: >> >> I created a full replica (including CA) in an LXC container today >> ("ipabak"). The idea is to take a snapshot of the whole container, >> run ipabak without network connection, and then