asking
you this is just because I have followed so many guides already and I even
tried a separate Ubuntu NFS server which also didn't work.
If this approach of using FreeIPA + NFSv4 works is there any recommended
scenario that would lead to a working solution between them?
Thank you very much.
A
Good morning, my name is Arthur and I am working on the integration of
FreeIPA and NFSv4 mounting for home directory sharing for authenticated
users.
This is the first time I am doing this so the problem could be simple. It's
been already a week that I have been struggling with this and I
any news? I've tried to make selinux permissive and write new policy,
that didn't help.
require {
type ipa_var_lib_t;
type named_t;
class dir read;
class file { write open lock read getattr };
}
#= named_t ==
allow named_t ipa_var_lib_t:dir
ground run should shed some light. Also, does your
> autofs setup work without kerberos ? As a first step it to work with
> non-kerberised nfs.
>
> On Mon, May 23, 2016 at 11:06 AM, Arthur Fayzullin <mailto:art...@deus.pro>> wrote:
>
> Good day, colleagues!
>
lso, does your
> autofs setup work without kerberos ? As a first step it to work with
> non-kerberised nfs.
>
> On Mon, May 23, 2016 at 11:06 AM, Arthur Fayzullin <mailto:art...@deus.pro>> wrote:
>
> Good day, colleagues!
> I am confused about how automount work a
Good day, colleagues!
I am confused about how automount work and howto configure it. I have
tried to configure it according to
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html
document (paragraph 9.1.1 and
Thank for such good explanation! that has pointed my search.
I have succeed in integration freeradius with freeipa by help of
William Brown and his blog. Thanks to Him :-)
Links to related articles in his blog:
first part: https://firstyear.id.au/entry/22
second part: https://firstyear.id.au/entry
Bingo!!!
that it is!!!
dm password contains % - symbol!
I am not sure but with previous versions that have not caused any problem.
Thanks a lot!
11.01.2016 16:48, Martin Kosek пишет:
> On 01/11/2016 12:01 PM, Arthur Fayzullin wrote:
>> Good day, Colleagues!
>>
>> And Ha
Good day, Colleagues!
And Happy New Year!
I have tried to install test stend with ipa v4.2 and 2 master-master
servers.
files /etc/hosts on both servers contain:
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6
I think these are the good points to start:
https://www.eduroam.us/node/90
http://wiki.freeradius.org/modules/Rlm_krb5
I You'll be succeeded how-to will be awesome ;-)
09.12.2015 19:52, Randy Morgan пишет:
> Hello,
>
> We are setting up our wireless to authenticate against FreeRadius and
> FreeIP
В Пн, 11/05/2015 в 11:35 -0400, Dmitri Pal пишет:
> AFAIR some time ago we stopped fetching host cert by default. There was
> no use of it so we decided not issue a cert that has not practical use.
>
> --
> Thank you,
> Dmitri Pal
>
> Director of Engineering for IdM portfolio
> Red Hat, Inc.
>
Have a nice day!
I think that I have found somethings that are mispresent and unpresent in
documentation.
I have tried to configure debian jessie as a freeipa client. This has been done
in 2 ways:
* reference instalation:
I have installed freeipa-client package from sid and configured host by r
I've got something like this:
$ sudo firewall-cmd --permanent --list-all
[sudo] password for afayzullin:
public (default)
interfaces:
sources:
services: dhcpv6-client dns http https kerberos kpasswd ldap ldaps ntp ssh
ports: 7389/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich
Can confirm that does work :)
21.08.2014 12:40, Lukas Slebodnik пишет:
> On (20/08/14 20:27), Chris Whittle wrote:
>> Is there instructions anywhere? My FreeIPA 3 on CentOS died so I'm
>> starting over
> You can try FreeIPA 3.3. on CentOS 7
>
> bash-4.2# yum info ipa-server
> Loaded plugins: fast
Running IPA as a bunch of containers can reduce size of each one. Of
course then total size will be much greater.
10.06.2014 18:10, Jan Pazdziora пишет:
> On Tue, Jun 10, 2014 at 05:27:40PM +0600, Arthur Fayzullin wrote:
>> HI!
>> Alexandr, I've seen Your presentation at Red
HI!
Alexandr, I've seen Your presentation at RedHat forum. Very good
presentation! :)
I've got a question about FreeIPA from that presentation. Of course
question is not only for You.
So, the question:
Are there any plans for integration freeipa-server with containers?
* working freeipa as a single
If this
http://www.freeipa.org/page/Howto/ISC_DHCPd_and_Dynamic_DNS_update is it,
then it is quite not easy to understand what is it about.
here, in mail-list it was much more understandable.
10.04.2014 00:20, Dmitri Pal ?:
> On 04/09/2014 11:58 AM, Andy Tomlin wrote:
>> Ok, I added a howto pa
FIX! Sssd keeps running after I've done this command, but anyway I have
to do:
# chkconfig sssd on
or it will not start at next boot.
24.03.2014 19:11, Arthur Faizullin пишет:
> OK! everything work right!
> 29.12.2013 13:13, Arthur пишет:
>> Ok. I'll try to check tha
OK! everything work right!
29.12.2013 13:13, Arthur пишет:
> Ok. I'll try to check that. I am away right now.
> 26.12.2013 10:19, Christian Horn пишет:
>> Hi,
>>
>> On Thu, Dec 26, 2013 at 11:59:28AM +0600, Arthur Faizullin wrote:
>>> As I mentioned e
Dmitri Pal wrote:
On 03/20/2014 11:15 PM, Arthur Faizullin wrote:
HI!
I've got some thoughts on 4-th point: there is a http://pgina.org/ pgina
project, may be them are able to do such thing.
Yes pgina is one of the options.
Someone would have to take it and integrate with MIT Kerbero
Will it be represented in documentation&wiki? :)
25.02.2014 18:33, Jakub Hrozek пишет:
> On Tue, Feb 25, 2014 at 10:28:19AM +0100, Stanislav Zidek wrote:
>>> Date: Fri, 17 Jan 2014 09:46:08 -0500
>>> From: Dmitri Pal
>>> To: freeipa-users@redhat.com
>>> Subject: Re: [Freeipa-users] SSSD Failover
HI!
I've got some thoughts on 4-th point: there is a http://pgina.org/ pgina
project, may be them are able to do such thing.
20.02.2014 04:23, Dmitri Pal пишет:
> Hello,
>
> I want to summarize our position regarding joining Windows systems
> into IPA.
>
> 1) If you already have AD we recommend us
Ok. I'll try to check that. I am away right now.
26.12.2013 10:19, Christian Horn пишет:
> Hi,
>
> On Thu, Dec 26, 2013 at 11:59:28AM +0600, Arthur Faizullin wrote:
>> As I mentioned earlier in my previous topic, when I do:
>> # authconfig --enablemkhomedir update
.
If it is normal way, then it is not mentioned in documentation.
Is it something to open bug-report? (and what is it about: documentation
or software?)
_
Best regards, Arthur Fayzullin
___
Freeipa-users mailing list
Freeipa
I do not know, may be I am wrong somewhere, but I did not make any extra
things with config files, just run ipa-client-install and everything
seemed works fine.
that worked for f17, f18, f19 with ipa-server on CentOS 6.3&6.4.
Jakub Hrozek wrote:
On Thu, Nov 07, 2013 at 09:44:21AM +0200, Alexan
I have not rebooted whale machine. everything worked fine.
May be just try to restart gdm?
# systemctl restart gdm.service
В Ср, 06/11/2013 в 22:13 -0600, Dean Hunter пишет:
> After building a new VM and configuring the IPA 3.3.2 client, Gnome
> seems to only perform a local log-in until the syste
if certmonger will keep be tracking these file in case
of owner changed.
В Чт, 07/11/2013 в 10:49 +0600, Arthur Faizullin пишет:
> В Ср, 06/11/2013 в 14:52 +0200, Alexander Bokovoy пишет:
> > On Wed, 06 Nov 2013, Arthur Faizullin wrote:
> > >Исаев Виталий Анатольевич has give
c/pki/tls/private/postgresql.key
it seems to be starting well!
But since I've changed the owner of key-file and certificate-file will
certmonger still be monitoring these files?
В Чт, 07/11/2013 в 10:53 +0600, Arthur Faizullin пишет:
> В Ср, 06/11/2013 в 08:44 -0500, Rob Crittenden пишет:
В Ср, 06/11/2013 в 08:44 -0500, Rob Crittenden пишет:
> Dmitri Pal wrote:
> > On 11/06/2013 07:01 AM, Arthur Faizullin wrote:
> >> Исаев Виталий Анатольевич has give me advise that the
> >> problem may be in Selinux.
> >> so I has stoped tracking previous req
В Ср, 06/11/2013 в 14:52 +0200, Alexander Bokovoy пишет:
> On Wed, 06 Nov 2013, Arthur Faizullin wrote:
> >Исаев Виталий Анатольевич has give me advise that the
> >problem may be in Selinux.
> >so I has stoped tracking previous request by
> >$ sudo ipa-getcert stop
ons with Selinux.
В Ср, 06/11/2013 в 14:16 +0600, Arthur Faizullin пишет:
> Hi, everyone!
> I feel myself very uncomfortable asking this question, since usually I
> found documentation easy to understand&read. (Thanks for that!)
> But there is the point, that I could not understand.
>
Is it
http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
about the same?
В Пт, 19/07/2013 в 10:56 +0530, M.R Niranjan пишет:
> On 07/19/2013 06:57 AM, craig.free...@noboost.org wrote:
> > Hi,
> >
> > I've been using Redhat IPA 2.2 as our internal CA quite successfully
> > for a
В Fri, 12 Jul 2013 19:57:09 +0200
Alexandre Ellert пишет:
> Thanks for pointing that bug, compilation succeeded if adding
> "X-Python-Version: 2.7" to debian/control file. Now, testing
> functionality... I can give you some feedback if you want (i'm new
> here. Is there only RHEL/Fedora users on
29.04.2013 15:09, Артур Файзуллин пишет:
В Пн., 29/04/2013 в 09:48 +0200, Petr Spacek пишет:
On 29.4.2013 08:40, Артур Файзуллин wrote:
В Пн., 29/04/2013 в 08:11 +0300, Alexander Bokovoy пишет:
Bind 10 module is on our radar.
There is not much to add. I'm in touch with one Bind 10 developer a
28.06.2013 18:57, Simo Sorce пишет:
On Fri, 2013-06-28 at 14:09 +0800, Mail Robot wrote:
Hi everyone,
I am new to this mailing list.
At the moment I would like to migrate all of my users from Microsoft
Active Directory to Open Source, and what I have in mind is getting it
into Samba 4.
In
11.05.2013 21:23, Dean Hunter пишет:
Please help me find instructions on configuring NFS auto-mount user home
directories. The FreeIPA Guide very carefully says:
IMPORTANT
FreeIPA does not set up or configure autofs. That must be done
separately. FreeIPA works with an existing autofs de
24.03.2013 04:27, Martin пишет:
Hello, apologize if this is a faq.
We're trying to set up a file server that authenticate all users against
a FreeIPA-server. The systems are up to date CentOS 6 machines and
everything works just swell for logins and NFS4-mounts. However, we're
completely stuck o
HI!
I have configured sssd_sudo integration on EL6.4 and it works nice!
But then I've checked this:
[afaizullin@domen00 ~]$ sudo package-cleanup --leaves
[sudo] password for afaizullin:
Loaded plugins: fastestmirror
libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch
libhugetlbfs-utils-2.12-2.el
38 matches
Mail list logo