Re: [Freeipa-users] FreeIPA + Foreman 1.5

:37 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 AFAIK you can use ldap sudo provider with IPA, see e.g. http://fedoraproject.org/wiki/QA:Testcase_freeipav3_sudo_sssd#Configure_SSSD I got this working, and seems to work across recent Fedora releases too. This at least removes

Re: [Freeipa-users] FreeIPA + Foreman 1.5

- Original Message - From: Jakub Hrozek jhro...@redhat.com To: freeipa-users@redhat.com Sent: Monday, April 28, 2014 10:55:16 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 On Fri, Apr 25, 2014 at 04:16:11AM -0400, Stephen Benjamin wrote: - Original Message

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On 04/28/2014 11:23 AM, Stephen Benjamin wrote: - Original Message - From: Jakub Hrozek jhro...@redhat.com To: freeipa-users@redhat.com Sent: Monday, April 28, 2014 10:55:16 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 On Fri, Apr 25, 2014 at 04:16:11AM -0400, Stephen

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On Mon, Apr 28, 2014 at 05:23:18AM -0400, Stephen Benjamin wrote: - Original Message - From: Jakub Hrozek jhro...@redhat.com To: freeipa-users@redhat.com Sent: Monday, April 28, 2014 10:55:16 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 On Fri, Apr 25, 2014 at 04

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On 04/24/2014 10:46 PM, Dmitri Pal wrote: On 04/23/2014 07:23 PM, Stephen Benjamin wrote: ... I am not sure it is doing the right thing. In the blog you specify bindpw for SUDO, this means you are configuring SUDO without SSSD integration. If you use IPA it is a command switch on the

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On 25.4.2014 09:07, Martin Kosek wrote: On 04/24/2014 10:46 PM, Dmitri Pal wrote: On 04/23/2014 07:23 PM, Stephen Benjamin wrote: ... I am not sure it is doing the right thing. In the blog you specify bindpw for SUDO, this means you are configuring SUDO without SSSD integration. If you use

Re: [Freeipa-users] FreeIPA + Foreman 1.5

- Original Message - From: Jan Cholasta jchol...@redhat.com To: Martin Kosek mko...@redhat.com, d...@redhat.com, Stephen Benjamin stben...@redhat.com Cc: freeipa-users@redhat.com Sent: Friday, April 25, 2014 9:44:37 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 AFAIK you

Re: [Freeipa-users] FreeIPA + Foreman 1.5

: [Freeipa-users] FreeIPA + Foreman 1.5 AFAIK you can use ldap sudo provider with IPA, see e.g. http://fedoraproject.org/wiki/QA:Testcase_freeipav3_sudo_sssd#Configure_SSSD I got this working, and seems to work across recent Fedora releases too. This at least removes the requirement on using

Re: [Freeipa-users] FreeIPA + Foreman 1.5

, 2014 9:44:37 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 AFAIK you can use ldap sudo provider with IPA, see e.g. http://fedoraproject.org/wiki/QA:Testcase_freeipav3_sudo_sssd#Configure_SSSD I got this working, and seems to work across recent Fedora releases too. This at least

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On 04/25/2014 07:44 AM, Martin Kosek wrote: On 04/25/2014 01:23 PM, Stephen Benjamin wrote: ... authconfig --nisdomain example.com --update nisdomainname example.com On Fedora or RHEL 7.0, you would also need to enable systemd service to make the NIS domain name setup persistent: # service

Re: [Freeipa-users] FreeIPA + Foreman 1.5

, April 25, 2014 3:42:39 PM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 Are you planning to have a toggle for SSH integration? There's freeipa_opts to pass options directly to the installer, so a user can directly pass anything they want. I can add the SSH flag if it's needed and a relatively

Re: [Freeipa-users] FreeIPA + Foreman 1.5

-users] FreeIPA + Foreman 1.5 On 04/25/2014 09:52 AM, Stephen Benjamin wrote: - Original Message - From: Dmitri Pal d...@redhat.com To: Martin Kosek mko...@redhat.com, Stephen Benjamin stben...@redhat.com Cc: Jan Cholasta jchol...@redhat.com, freeipa-users@redhat.com, Tomas

Re: [Freeipa-users] FreeIPA + Foreman 1.5

, April 25, 2014 3:59:31 PM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 On 04/25/2014 09:52 AM, Stephen Benjamin wrote: - Original Message - From: Dmitri Pal d...@redhat.com To: Martin Kosek mko...@redhat.com, Stephen Benjamin stben...@redhat.com Cc: Jan Cholasta jchol...@redhat.com

[Freeipa-users] FreeIPA + Foreman 1.5

Hi All, As part of the next release of Foreman, 1.5, realm join integration is being introduced. The first provider is, of course, FreeIPA. :-) The first release candidate of 1.5 is out now and I'd really appreciate it if anyone wants to give the FreeIPA integration a good workout. You can see

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On 04/23/2014 10:00 AM, Stephen Benjamin wrote: Hi All, As part of the next release of Foreman, 1.5, realm join integration is being introduced. The first provider is, of course, FreeIPA. :-) The first release candidate of 1.5 is out now and I'd really appreciate it if anyone wants to give

Re: [Freeipa-users] FreeIPA + Foreman 1.5

Hi, - Original Message - From: Dmitri Pal d...@redhat.com To: freeipa-users@redhat.com, stben...@redhat.com Sent: Wednesday, April 23, 2014 10:16:16 PM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 On 04/23/2014 10:00 AM, Stephen Benjamin wrote: Hi All, As part

Re: [Freeipa-users] FreeIPA + Foreman 1.5

On 04/23/2014 05:07 PM, Stephen Benjamin wrote: Hi, - Original Message - From: Dmitri Pal d...@redhat.com To: freeipa-users@redhat.com, stben...@redhat.com Sent: Wednesday, April 23, 2014 10:16:16 PM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 On 04/23/2014 10:00 AM, Stephen

Re: [Freeipa-users] FreeIPA + Foreman 1.5

- Original Message - From: Dmitri Pal d...@redhat.com To: Stephen Benjamin stben...@redhat.com Cc: freeipa-users@redhat.com Sent: Thursday, April 24, 2014 12:28:48 AM Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5 Several questions: - Is it using IPA smart proxy