On Jun 7, 2012, at 5:27 PM, Nalin Dahyabhai wrote:
On Thu, Jun 07, 2012 at 05:03:11PM -0400, Ian Levesque wrote:
Hello,
I've read that the schema compatibility plugin should provide a vanilla RFC
2307 view of groups with memberUid attributes. I need this for our OS X
clients, which
On Jun 7, 2012, at 6:46 PM, Nalin Dahyabhai wrote:
On Thu, Jun 07, 2012 at 05:56:14PM -0400, Ian Levesque wrote:
On Jun 7, 2012, at 5:44 PM, Nalin Dahyabhai wrote:
ldapsearch -h sbgrid-directory -Y GSSAPI \
-b cn=Schema Compatibility,cn=plugins,cn=config \
nsslapd-pluginEnabled
On May 16, 2012, at 3:57 PM, Rob Crittenden wrote:
Ian Levesque wrote:
Hi Rob, et al -
I tried again, and am pasting all the output below. Is there something I'm
missing?
Drop the = with -w. You're passing the password as =foobar.
Do not use a = with single dash options, only double
Hi,
I'm running ipa-server-2.1.3-9, trying to perform our first bulk-add of hosts
via kickstart. Unfortunately, it's not working via kickstart and when I try
running the commands by hand on a freshly-installed host, it still fails with
kinit: Client not found in Kerberos database while getting
On May 15, 2012, at 2:59 PM, Ian Levesque wrote:
# /usr/sbin/ipa-client-install --domain=in.hwlab
--principal=HOST/ian-ultra24-dmz.in.hwlab -w=foobar --realm=SBGRID.ORG
--server=sbgrid-directory.in.hwlab --unattended
DNS domain 'sbgrid.org' is not configured for automatic KDC address
On May 15, 2012, at 6:14 PM, Rob Crittenden wrote:
# /usr/sbin/ipa-client-install --domain=in.hwlab
--principal=HOST/ian-ultra24-dmz.in.hwlab -w=foobar --realm=SBGRID.ORG
--server=sbgrid-directory.in.hwlab --unattended
DNS domain 'sbgrid.org' is not configured for automatic KDC address
Hi,
I'm curious how members of this list are monitoring their IPA servers'
replication status. `ipa-replica-manage list` doesn't actually tell you if your
replica is working. I just realized that our replica's IPA processes were hung
(likely as a result of suspending resuming the VM it's
On Feb 10, 2012, at 1:36 PM, Rich Megginson wrote:
This may be related to https://fedorahosted.org/389/ticket/273 and
https://fedorahosted.org/389/ticket/274 which have been fixed in
1.2.10
In this case Ian please open a bugzilla, it looks like we need to
address this in RHEL6.
I'll
On Feb 9, 2012, at 1:57 PM, Simo Sorce wrote:
On Tue, 2012-02-07 at 23:19 -0500, Ian Levesque wrote:
On the replica:
[21/29]: setting up initial replication
Starting replication, please wait until this has completed.
[sbgrid-directory.in.hwlab] reports: Update failed
On Feb 9, 2012, at 4:59 PM, Rich Megginson wrote:
I think you failed to properly clean=up before reinstalling the replica.
On the replica make sure you run:
ipa-server-install --uninstall
On the primary:
ipa-replica-manage --force del sbgrid-directory-replica.in.hwlab
You will have
OK, that's good to know. So, assuming the problem is that there was an
invalid cached credential getting in the way, here's what I did to attempt a
reconfiguration of the replica:
replica: ipa-server-install --uninstall reboot
primary: ipa-replica-manage --force del
Hello,
On our production IPA servers, we have been running in a multi-master state
successfully for several weeks. Yesterday, while attempting to modify some
permissions and roles using the web UI, we had an odd problem where the web UI
became unresponsive. In an attempt to resolve the issue,
On Feb 7, 2012, at 3:39 PM, Rob Crittenden wrote:
snip
Strange. Is your 389-ds instance running? If so can you run this query:
ldapsearch -x -b 'cn=services,cn=accounts,dc=sbgrid,dc=org'
'(krbprincipalname=*sbgrid-directory*)'
I have the feeling that the principals for your IPA server
-replica.in.hwlab: master
Thanks for your continued interest.
~irl
--
Ian Levesque
Research Systems Architect
Harvard Medical School
Structural Biology Grid
http://cmcd.hms.harvard.edu
http://core.sbgrid.org
___
Freeipa-users mailing list
Freeipa-users
On Jan 18, 2012, at 2:08 PM, Stephen Gallagher wrote:
On Wed, 2012-01-18 at 12:17 -0500, Ian Levesque wrote:
Hello,
I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured
master/master replication. From what I can tell in the documentation
[1], all of the client-discovering
Hello,
I've upgraded a FreeIPA server to RHEL 6.2 (from 6.1), putting me at version
2.1.3-9. Since the upgrade, I haven't been able to change any existing
passwords, all I get is an Authentication token manipulation error.
Newly-created accounts don't have this problem. I /can/ login using my
schema because radiusprofile was a previously-included objectClass. I guess
the upgraded server didn't include that schema. After ldapmodifying the user
accounts to remove that objectClass, we're back in business.
~irl
On Jan 4, 2012, at 6:32 PM, Ian Levesque wrote:
Hello,
I've upgraded
Hello,
I'm running version 2.0.0-23 under Scientific 6.1. I've noticed that users in
the User Administrator role, don't have access via the web UI to actually
manage groups. The only link under Identity is Users. CLI management works
as expected. Is this a known bug with the relatively old
18 matches
Mail list logo