er = ipa
auth_provider = ipa
chpass_provider = ipa
access_provider = ipa
krb5_store_password_if_offline = True
ipa_server = _srv_
ldap_tls_cacert = /etc/ipa/ca.crt
krb5_realm = SFMC.CO
krb5_changepw_principle = kadmin/changepw
krb5_auth_timeout = 15
ipa_hostname = vm3118.dev.ca1.sfmc.co
--
Terry Soucy -
A DNS slave here is no different. The slave does not get its
information from IPA. It gets it from a basic zone update from the
master. Configure your slave like you would configure any other DNS
slave.
Terry
Sent from my iPhone
> On Jan 28, 2014, at 7:48 AM, "Choudhury, Suhail"
> wrote:
>
> H
ate.
>
> Any ideas on where to look next?
>
> Thanks Andrew Precht
>
> ___
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
--
Terry Soucy - Systems Engineer
Salesforce Marketin
nown error)
Unable to delete replica 'en5013.dev.ca1.sfmc.co'
Terry
On Wed, Nov 20, 2013 at 4:21 PM, Rob Crittenden wrote:
> Terry Soucy wrote:
>
>> I have the keytab with the oldest version number shown in the kvno
>> command, but when I put that into place, I get no j
-getkeytab file, I get one version number. If I export from server B, I
get an older version number. When I use the kvno command, I get an even
older number.
Terry
On Wed, Nov 20, 2013 at 3:56 PM, Rich Megginson wrote:
> On 11/20/2013 12:37 PM, Terry Soucy wrote:
>
> I am currently h
I have the keytab with the oldest version number shown in the kvno command,
but when I put that into place, I get no joy.
Terry
On Wed, Nov 20, 2013 at 4:05 PM, Terry Soucy wrote:
> The service principal ldap/serverB was exported but not put into place at
> /etc/dirsrv/ds.keytab. Repli
to no replication, etc, etc. I need to sync the ldap/serverB
service principal on Server A with the ldap/serverB service principal on
Server B. Is there a way to do that, or am I looking at a re-init of server
B?
Terry
--
Terry Soucy - Systems Engineer
Salesforce MarketingCloud - http
ails of the replication? There is not a lot of changes going on
that require replication with regards to dns, users, hosts, etc, so I'm not
sure why it would take so long. Also, can I remove the SASL bind and just
add a replication user to the dse.ldif to remove the requirement for
kerbero
