Re: [Freeipa-users] Upgrade from IPA 4.2

2017-04-05 Thread Andrey Ptashnik
Thank you for hint, Martin! Looks like upgrade went smooth just with yum upgrade. Following multi step upgrade in previous versions I was hesitant this time. Andrey From: Martin Bašti mailto:mba...@redhat.com>> Date: Wednesday, April 5, 2017 at 4:11 AM To: Lachlan Musicman mailto:data...@gmail.

Re: [Freeipa-users] getcert, multiple alternative names (SANs), and wildcard certificates

2017-04-05 Thread Wim Lewis
With a bit of tweaking, I was able to generate a usable certificate by creating a second host entry, 'wildcard.blah.example.com', managed by blah.example.com, and then editing the leftmost label from 'wildcard' to '*' in all of the host's LDAP entry's properties. On Apr 3, 2017, at 6:41 PM, F

[Freeipa-users] Creating trust relationship that survive password rotation

2017-04-05 Thread William Muriithi
Good evening, I am looking through the IPA documentation and it looks like I will need a password that don't expire on the active directory side. These are the two documented ways. ipa trust-add --type=ad ad.example.com --admin Administrator –password ipa trust-add --type=ad ad.example.com --tru

[Freeipa-users] How long should it take to propagate user role changes?

2017-04-05 Thread Greg Gilbert
Hey. I'm a bit new to FreeIPA, so apologies if this has already been addressed. For reference, I'm running FreeIPA 4.4 server on CentOS 7, and FreeIPA client 4.3.1 on Ubuntu nodes. I've noticed that when I make changes to policies, it either takes a long time to propagate out to the client nod

[Freeipa-users] LDAPcon 2017

2017-04-05 Thread Rich Megginson
This year's LDAPcon 2017 will be in Bruxelles 19th-20th October, 2017. Kudos to Paola PENATI and Benoit MORTIER at OpenSides for organizing the event. If you'd like to submit a conference talk then please have a look at the CfP: https://ldapcon.org/2017/call-for-papers/ Submission deadline

Re: [Freeipa-users] Upgrade from IPA 4.2

2017-04-05 Thread Martin Bašti
On 04/04/2017 02:23 AM, Lachlan Musicman wrote: On 4 April 2017 at 04:28, Andrey Ptashnik > wrote: Hello, We have Centos 7.2 and IPA 4.2 version. I remember that in previous versions in order to upgrade to the latest one I had to run IPA upgrade s