Rob Crittenden; Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Multiple CA certificates (for PassSync)
On 07/09/2015 07:23 AM, Rob Crittenden wrote:
> Joseph, Matthew (EXP) wrote:
>> Hello,
>>
>> We are currently in the process of repla
Hello,
We are currently in the process of replacing our IdM 3.x server with 4.x.
There are going to be some major directory changes during the upgrade so I need
to keep both the old and new IdM servers up and running separately.
Part of our configuration is using the password sync between IdM an
ginal Message-
From: Jakub Hrozek [mailto:jhro...@redhat.com]
Sent: Thursday, April 16, 2015 10:56 AM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Usernames not being seen on IPA
Master
On Thu, Apr 16, 2015 at 01:42:52PM +0000, Joseph, Matthew
ment", 18) = 18
write(2, "\n", 1) = 1
close(1)= 0
close(2)= 0
close(3)= 0
exit_group(1) = ?
Thanks,
Matt
-Original Message-
Hello,
I'm running into an issue where a new user account created on the master server
is not being seen for changing file permissions and such.
I can login using the newly created user account but when I try to change
permissions on a file/directory it comes up with the following error;
Chown:
I was able to get the group modified and deleted with your commands Rob.
Thank you very much for the help.
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Tuesday, April 14, 2015 3:16 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: Re
:rcrit...@redhat.com]
Sent: Tuesday, April 14, 2015 2:32 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states
it's not found
Joseph, Matthew (EXP) wrote:
> Hey Rob,
>
> So I did the following co
iqueid and still the same
results.
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Tuesday, April 14, 2015 12:01 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states
it
ilto:rcrit...@redhat.com]
Sent: Tuesday, April 14, 2015 12:01 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states
it's not found
Joseph, Matthew (EXP) wrote:
> Hello,
>
>
>
> I'm trying
esday, April 14, 2015 12:01 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states
it's not found
Joseph, Matthew (EXP) wrote:
> Hello,
>
>
>
> I'm trying to delete a group in IdM but when I do
Hello,
I'm trying to delete a group in IdM but when I do a ipa group-del "group" it
states the following;
Ipa: ERROR: "group": group not found
I do an ipa group-find and it displays the group with the current memebers.
I look in the WebgUI and I can see the group in there but it has no
informa
Hey Suhail,
Issue has been resolved; it was actually my replica server being about 10
minutes out of sync from the master which was causing the credential errors.
Matt
From: Choudhury, Suhail [mailto:suhail.choudh...@bskyb.com]
Sent: Wednesday, July 30, 2014 9:00 AM
To: Joseph, Matthew (EXP
using 2.2.0-16
Thanks guys.
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Tuesday, July 29, 2014 9:15 AM
To: Simo Sorce
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re
-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Tuesday, July 29, 2014 7:22 AM
To: Simo Sorce
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: IPA Replica Issues
Sorry I should clarify what is weird is I supply the Directory Manager password
and it'
http://www.freeipa.org/page/Howto/Change_Directory_Manager_Password
I've tried supplying both the old and the new Directory manager password but
neither are working.
-Original Message-
From: Simo Sorce [mailto:s...@redhat.com]
Sent: Monday, July 28, 2014 5:04 PM
To: Joseph, Matthew (EXP
t.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Mark Heslin
Sent: Monday, July 28, 2014 3:27 PM
To: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] IPA Replica Issues
On 07/28/2014 02:12 PM, Mark Heslin wrote:
On 07/28/2014 12:46 PM, Joseph, Matthew (EXP) wrote:
Hello,
: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Mark Heslin
Sent: Monday, July 28, 2014 3:13 PM
To: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] IPA Replica Issues
On 07/28/2014 12:46 PM, Joseph, Matthew (EXP) wrote:
Hello,
I'm curr
Hello,
I'm currently running into some issues with my replica server.
I noticed it wasn't getting any updates from the master server so I tried to do
a force-sync but it states that it is an "invalid password" which I know it is
not the case.
I tried doing an ipa-replica-manager list replica_se
7, 2014 11:36 AM
To: Nalin Dahyabhai; Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat issues
Nalin Dahyabhai wrote:
> On Tue, Jan 07, 2014 at 05:22:22AM -0500, Joseph, Matthew (EXP) wrote:
>> When I run ypcat on the IPA servers it
have them all go
through NIS. I had it working for a good year and then it just stopped.
From: Ondrej Valousek [mailto:ovalou...@vendavo.com]
Sent: Tuesday, January 07, 2014 11:44 AM
To: Joseph, Matthew (EXP); Petr Spacek; Rob Crittenden; d...@redhat.com;
freeipa-users@redhat.com
Subjec
ut are the ipa-nis-manage and ipa-compat-manage commands not
used to enable the NIS compatibility mode?
From: Ondrej Valousek [mailto:ovalou...@vendavo.com]
Sent: Tuesday, January 07, 2014 11:12 AM
To: Joseph, Matthew (EXP); Petr Spacek; Rob Crittenden; d...@redhat.com;
freeipa-users@redhat.com
S
do a ypcat since it can't find the maps which I would assume
live under that domainname folder.
Any ideas?
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Tuesday, January 07, 2014 9:23 A
uesday, January 07, 2014 6:59 AM
To: Joseph, Matthew (EXP); Rob Crittenden; d...@redhat.com;
freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat issues
On 7.1.2014 11:22, Joseph, Matthew (EXP) wrote:
> When I run ypcat on the IPA servers it states that ypbind can&
, January 07, 2014 6:59 AM
To: Joseph, Matthew (EXP); Rob Crittenden; d...@redhat.com;
freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat issues
On 7.1.2014 11:22, Joseph, Matthew (EXP) wrote:
> When I run ypcat on the IPA servers it states that ypbind can't communic
he servers.
Yup, I checked the status of the port to make sure nothing else was using it.
I configured it for an empty port below 1024.
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Monday, January 06, 2014 6:13 PM
To: Joseph, Matthew (EXP); d...@redhat.co
those errors came up.
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Thursday, January 02, 2014 2:58 PM
To: Joseph, Matthew (EXP); d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat issues
Joseph, Matthew (EXP)
: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Dmitri Pal
Sent: Thursday, January 02, 2014 12:13 PM
To: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] NIS Compat issues
On 01/02/2014 11:05 AM, Joseph, Matthew (EXP) wrote:
Hello,
I've rec
Hello,
I've recently had to restart my IPA servers and my NIS compatibility mode has
stopped working.
I've configured my IPA server to run in NIS compatibility mode by doing the
following.
[root@ipaserver ~]# ipa-nis-manage enable
[root@ipaserver ~]# ipa-compat-manage enable
Restart the DNS and
Hello,
I've seem to run into an issue with our admin account on our FreeIPA server.
Our password expired (I thought I disabled the password expiration for this
account) and when I run kinit admin it prompts me for a new password.
I type in the old password and then the new one two times but then
Hello,
I am trying to setup the SSL on my Windows 2008 R2 AD server but I am getting
the following error when I try to apply the request.inf changes.
Certreq -submit request.req certnew.cer
The request does not contain a certificate template extension.
So it complains about the [Extensions] fie
ipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Tuesday, May 14, 2013 8:05 AM
To: freeipa-users@redhat.com
Subject: EXTERNAL: [Freeipa-users] Automount issues
Hello,
I'm currently having issues using automount from my clients.
O
permissions he has. He should
have Read (Also gives him access to Read Domain Password & Lockout Policies and
Read Other Domain Parameters)
Matt
From: James A [mailto:ja...@atia.se]
Sent: Tuesday, May 14, 2013 11:26 AM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: Re: EXTER
what else might be wrong.
Also is your IPA sync user in the same OU as your normal users?
Matt
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Tuesday, May 14, 2013 10:50 AM
To: James A
Cc: freeipa-users@redhat.com
S
irectional sync but it never worked for me the way it
was intended and I just stumbled on giving the user only read access to the
domain.
Matt
From: James A [mailto:ja...@atia.se]
Sent: Tuesday, May 14, 2013 10:42 AM
To: Joseph, Matthew (EXP)
Cc: Chris Hudson; freeipa-users@redhat.com
Subject: EX
Hey James,
I configured my IPA server with winsync and I was in the same boat as you.
The IPA user that is created for Active Directory does not require write access
to AD.
My IPA user only has read permissions to the domain and my passwords sync just
fine. When I delete a user from IPA it does
Hello,
I'm currently having issues using automount from my clients.
On my IPA Server and Replica there is no issues trying to mount but when I do
it from a client I get some weird results.
I have a mount point on a server that shows as the following in the IPA GUI.
-rw,soft nfs_server.domain.ca
mailto:jna...@redhat.com]
Sent: Thursday, April 11, 2013 10:18 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: ipa-replica-install errors
On 04/11/2013 08:55 PM, Joseph, Matthew (EXP) wrote:
> Hey,
>
> Sorry didn't read your full message an
n [mailto:rcrit...@redhat.com]
Sent: Thursday, April 11, 2013 10:13 AM
To: Joseph, Matthew (EXP); Jatin Nansi; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: ipa-replica-install errors
Joseph, Matthew (EXP) wrote:
> Hey,
>
> Here is the output;
>
> Server-Cert u,u
Jatin Nansi
Sent: Wednesday, April 10, 2013 9:36 PM
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: ipa-replica-install errors
On 04/10/2013 09:55 PM, Joseph, Matthew (EXP) wrote:
>
> Hey,
>
> I'm still trying to figure out this error but I am getting nothin
@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: ipa-replica-install errors
On 04/10/2013 09:55 PM, Joseph, Matthew (EXP) wrote:
>
> Hey,
>
> I'm still trying to figure out this error but I am getting nothing.
>
> Anyone have any suggestions or ideas on why this is fail
Hey Rob,
Here is the output from cerutil -L -d /etc/dirsrv/slapd-DOMAIN-CA/
Server:
Server-Cert u,u,u
Client:
Server-Cert u,u,u
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Wednesday, April 10, 2013 11:01 AM
To: Joseph, Matthew (EXP); Nathan
Hey Rob,
Yes I've tried to do that. Everytime I try to run an ipa-replica-install I make
sure I create a new replica file from the server.
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Wednesday, April 10, 2013 10:47 AM
To: Joseph, Matthew
Hey,
I'm still trying to figure out this error but I am getting nothing.
Anyone have any suggestions or ideas on why this is failing?
Matt
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Monday, April 08, 2013 12:
Hey,
Yup, the client side says the following;
Op=-1 fd=64 closed - Peer does not recognize and trust the CA that issued your
certificate.
Matt
From: Nathan Kinder [mailto:nkin...@redhat.com]
Sent: Monday, April 08, 2013 12:28 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject
(EXP)
Cc: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] ipa-replica-install errors
On 04/04/2013 07:14 AM, Joseph, Matthew (EXP) wrote:
Hello,
I'm trying to setup a replica server with ipa-2.2.0-16 on both the Server and
the Replica Server.
Here are the steps I ran (From th
nstead of modify.
But it's not complaining about that. It can't seem to find the dn: cn=config
which is weird since I see it in the file.
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Friday, April 05, 2013 11:07 AM
To: Joseph, Matthew (EX
Hey Rob,
I was able to get NIS passwords working.
I had a space at the end of dn: cn=config (stupid me).
Thanks for the help!
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Friday, April 05, 2013 11:07 AM
To: Joseph, Matthew (EXP); freeipa-users
...@redhat.com] On Behalf Of Dmitri Pal
Sent: Friday, April 05, 2013 11:56 AM
To: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Active Directory --> IPA Password Sync
On 04/05/2013 10:52 AM, Joseph, Matthew (EXP) wrote:
Hello,
I imagine this is a common issue/question when trying
Hello,
I imagine this is a common issue/question when trying to implement the password
sync between AD and IPA.
We have two Windows 2003 domain controllers (for redundancy) so when a user
issues a password change on the Windows side there is no primary domain
controller that it will always use
oseph, Matthew (EXP); freeipa-users@redhat.com
Subject: Re: [Freeipa-users] EXTERNAL: Re: NIS Compat Password Issues
Joseph, Matthew (EXP) wrote:
> My old NIS server we used shadow passwords.
> When I migrated my passwd nis file to IPA I'm assuming it also imported the
> part of the file
o run that command I get the following error;
Ldap_bind: No Such Object (32)
I can manually add that to the dse.ldif right? If so where would it go?
Thanks,
Matt
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Ma
o
IPA?
Is there a better way to get around this?
Matt
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Joseph, Matthew (EXP)
Sent: Friday, April 05, 2013 6:40 AM
To: Rob Crittenden; freeipa-users@redhat.com
Subject: Re: [Fr
Hey Rob,
The passwd section of nsswitch.conf is the following;
Passwd: files nis
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Thursday, April 04, 2013 3:05 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users
Hello,
I've having issues with trying to login to our NIS clients that are looking at
IPA as a "NIS" Server.
The NIS Client can view all of the usernames when I do a ypcat passwd but when
I try to login a with a user account it will not accept the password. I've even
tried setting it as simple
Hello,
I'm trying to setup a replica server with ipa-2.2.0-16 on both the Server and
the Replica Server.
Here are the steps I ran (From the Red Hat 6.3 IdM Administration Guide);
IPA_Server:
ipa-replica-prepare ipareplica.example.com --ip-address 192.168.1.2
scp /var/lib
Awesome that was the issue Rob.
Thanks!
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Wednesday, April 03, 2013 10:14 AM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Client Installation Error
Joseph
7;m trying to add is in DNS and
the host table. He can ping him fine so there is no issue with communication.
Any ideas? Any other logs/information I can provide you?
Thanks,
Matt
-Original Message-
From: Joseph, Matthew (EXP)
Sent: Tuesday, April 02, 2013 3:01 PM
To: 'Rob C
Sent: Tuesday, April 02, 2013 2:58 PM
To: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Client Installation Error
Joseph, Matthew (EXP) wrote:
> Hey,
>
> I'm trying to add a client to IPA and I'm getting the following error;
>
> J
Hey,
I'm trying to add a client to IPA and I'm getting the following error;
Joining realm failed because of failing XML-RPC request
This error may be caused by incompatible server/client major versions.
Client is running Red Hat 6.1 with the following IPA and Curl packages
installed;
Ipa-*-2.0
Hey Nalin,
Sorry typo on my part. It does say nis-base.
-Original Message-
From: Nalin Dahyabhai [mailto:na...@redhat.com]
Sent: Wednesday, March 27, 2013 12:57 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] IPA - NIS Compatability
On
Hello,
I'm trying to point a Solaris 10 server to use IPA as it's "NIS Server".
The Solaris 10 server has no issues communicating with IPA but it can only see
a few maps (Users, Groups).
Looking at the documentation it says you can add entries so I tried to for
Hosts but I can't get ypcat hosts
-replica-manage command and was able to make a connection.
Thanks again,
Matt
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Thursday, March 21, 2013 5:00 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Winsync Issues
On 03/21/2013 01
sers,dc=domain1,dc=domain2,dc=ca
That shouldn't make a difference should it?
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Thursday, March 21, 2013 4:31 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Winsync Issues
On 03/21/2
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Winsync Issues
On 03/21/2013 12:37 PM, Joseph, Matthew (EXP) wrote:
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16 on a
Red Hat 6.4 Server and I'm running into s
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16 on a
Red Hat 6.4 Server and I'm running into some issues trying to get IPA to
replicate to a Windows 2003 SP2 DC.
Here is the steps I took (I used the Red Hat Identity Management Guide)
1) Create idmpasssync u
y 22, 2013 3:04 PM
To: Rob Crittenden
Cc: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] OneWaySync Issues
On 01/22/2013 11:46 AM, Rob Crittenden wrote:
> Joseph, Matthew (EXP) wrote:
>> Hello,
>>
>> I'm trying to configure the one
Hello Rob,
Sorry typo on my part. The command I put in is actually fromWindows
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Tuesday, January 22, 2013 2:47 PM
To: Joseph, Matthew (EXP)
Cc: freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users
inson [mailto:rmegg...@redhat.com]
Sent: Tuesday, January 22, 2013 3:04 PM
To: Rob Crittenden
Cc: Joseph, Matthew (EXP); freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] OneWaySync Issues
On 01/22/2013 11:46 AM, Rob Crittenden wrote:
> Joseph, Matthew (EXP) wrote:
>> Hello,
&g
Hello,
I'm trying to configure the oneWaySync option for IPA so only the Windows AD
can replicate changes to IPA.
When I use the command that I listed below it says it works but when I delete a
user form IPA it will then delete the user in Active Directory.
Is my command listed below correct? A
69 matches
Mail list logo