[Freeipa-users] Re: passsync and AD computer accounts

2018-04-18 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 18 Apr 2018, Rob Brown via FreeIPA-users wrote: Just thinking outside the box here: I'm not sure if $ is a "legal" character to use in usernames, but probably highly unlikely. What if we could tell passhook to just ignore "usernames" that end in '$'? // If UserName is NULL, just return

[Freeipa-users] Re: some account not sync password from A/D

2018-04-18 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 18 Apr 2018, Miguel Angel Coa M. wrote: Hello Alexander, Thanks for your clarification, the problem was: The user change password in the personal computer but this action hit in other domain controller (balancing) not necessarily where the passsync program is installed so some user hit to

[Freeipa-users] Re: passsync and AD computer accounts

2018-04-18 Thread Rob Brown via FreeIPA-users
Just thinking outside the box here: I'm not sure if $ is a "legal" character to use in usernames, but probably highly unlikely. What if we could tell passhook to just ignore "usernames" that end in '$'? // If UserName is NULL, just return STATUS_SUCCESS if (UserName == NULL) { goto exit;

[Freeipa-users] Re: passsync and AD computer accounts

2018-04-18 Thread Rob Crittenden via FreeIPA-users
Rob Brown via FreeIPA-users wrote: > I have passsync configured and working just fine, but with one minor > annoyance: > the passsync.log file is filled with "computer account" password changes. > > Example: (first one is a user passwd change, second is computer account.) > > 04/16/18 09:02:0

[Freeipa-users] passsync and AD computer accounts

2018-04-18 Thread Rob Brown via FreeIPA-users
I have passsync configured and working just fine, but with one minor annoyance: the passsync.log file is filled with "computer account" password changes. Example: (first one is a user passwd change, second is computer account.) 04/16/18 09:02:02: Received passhook event. Attempting sync 04/16/18

[Freeipa-users] Re: some account not sync password from A/D

2018-04-18 Thread Miguel Angel Coa M. via FreeIPA-users
Hello Alexander, Thanks for your clarification, the problem was: The user change password in the personal computer but this action hit in other domain controller (balancing) not necessarily where the passsync program is installed so some user hit to AD (with passsync and sync ok) but other user hit

[Freeipa-users] Re: sudo command group

2018-04-18 Thread Rob Crittenden via FreeIPA-users
Andrew Meyer wrote: > Rob,  > For this are you referring to the search limit size? ipa config-mod --searchrecordslimit=250 rob > > > On Friday, April 6, 2018 9:29 AM, Rob Crittenden via FreeIPA-users > wrote: > > > Andrew Meyer via FreeIPA-users wrote: >> So I'm having an issue with sudo po

[Freeipa-users] Re: sudoers questions

2018-04-18 Thread Rob Crittenden via FreeIPA-users
Andrew Meyer wrote: > Yes, but what about adding the hostgroup to the sudo policy?  Do I still > need to add the netgroup instead? sudorule-add-host Add hosts and hostgroups affected by Sudo Rule. hostgroups are represented as netgroups. rob > > > On Wednesday, April 18, 2018 10:

[Freeipa-users] Re: sudo command group

2018-04-18 Thread Andrew Meyer via FreeIPA-users
Rob, For this are you referring to the search limit size? On Friday, April 6, 2018 9:29 AM, Rob Crittenden via FreeIPA-users wrote: Andrew Meyer via FreeIPA-users wrote: > So I'm having an issue with sudo policies where I have about ~200 > commands in my sudoers, I added those commands

[Freeipa-users] Re: sudoers questions

2018-04-18 Thread Andrew Meyer via FreeIPA-users
Yes, but what about adding the hostgroup to the sudo policy?  Do I still need to add the netgroup instead? On Wednesday, April 18, 2018 10:17 AM, Rob Crittenden via FreeIPA-users wrote: Andrew Meyer via FreeIPA-users wrote: > Hello,  > I have been doing a lot of research on trying to g

[Freeipa-users] Re: sudoers questions

2018-04-18 Thread Rob Crittenden via FreeIPA-users
Andrew Meyer via FreeIPA-users wrote: > Hello,  > I have been doing a lot of research on trying to get host groups to work > with sudoers policies.  However I'm finding that this can't be done and > the only achieved by using netgroups.  Is this true?    I just would > like some validation/confirma

[Freeipa-users] sudoers questions

2018-04-18 Thread Andrew Meyer via FreeIPA-users
Hello, I have been doing a lot of research on trying to get host groups to work with sudoers policies. However I'm finding that this can't be done and the only achieved by using netgroups. Is this true? I just would like some validation/confirmation before I go too far down the rabbit hole.

[Freeipa-users] Re: Unknown object class

2018-04-18 Thread Ernedin Zajko via FreeIPA-users
Hi Duncan, check out this thread https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/CLIKT4MVLDO5OIKFCWUUDDPSMVLTRKH2/ cheers, --- Ernedin ZAJKO eza...@root.ba > 340282366920938463463374607431768211456 On Wed, Apr 18, 2018 at 12:22 PM, Duncan Colhoun vi

[Freeipa-users] ERR 20: Auth Rejected Credentials (client should begin new session)

2018-04-18 Thread TomK via FreeIPA-users
Hey All, I have an external NFS cluster serviced by a VIP. The clients run autofs configured via IPA to provide NFS home directories to client. However, running into an issue on one of the clients and wondering if anyone has seen this message from a tcpdump of a simple mount session that's prev

[Freeipa-users] Unknown object class

2018-04-18 Thread Duncan Colhoun via FreeIPA-users
Hi When attempting to migrate an existing OpenLDAP server to FreeIPA (version 4.5.0 on CentOS 7), I am getting the following error - unknown object class "ededuperson" If I look at the LDAP I can see edEduPerson OID: 1.2.826.0.1109.2.0.0 Description: Additional attributes for AuthLDAP Type: au

[Freeipa-users] Re: some account not sync password from A/D

2018-04-18 Thread Alexander Bokovoy via FreeIPA-users
On Tue, 17 Apr 2018, Miguel Angel Coa M. via FreeIPA-users wrote: Hello Guys, I have IPA server 4.5, connected to Windows AD the user replication is ok, but I have strange problem with password sync some user synchronize password without problem but other user account not password synchronize