[Freeipa-users] ipa require mvn?

2018-08-07 Thread None via FreeIPA-users
Dear, I tried to install ipa using "yum install -y ipa-server" in CentOS 7.2. Since the environment cannot connect to the network, I prepared a local yum repository using an iso file. Then I encountered a dependency issue as below, Error: Package: resteasy-base-jaxrs-3.0.6-4.el7.norach (iso) R

[Freeipa-users] Re: Kerberized SSH SSO

2018-08-07 Thread Sumit Bose via FreeIPA-users
On Tue, Aug 07, 2018 at 04:51:00PM -, Ryan Slominski via FreeIPA-users wrote: > Hi Robbie, >What is the proper way to configure an IPA host so that the sshd will use > the FQDN? I've noticed that IPA client installer modifies the file > /etc/krb5.conf and adds the lines: Does the 'hos

[Freeipa-users] Errors comes out after reinitaize the replication

2018-08-07 Thread barrykfl--- via FreeIPA-users
ERR - NSACLPlugin - acl_parse - The ACL target cn=vaults,cn=kra,dc=abc,dc=com does not exist Any idea ..thx ...no big impact but keep logging error. Regards Barry

[Freeipa-users] Re: [Ubuntu 18.04] Inappropriate directory permission caused inability signing into webui on a fresh install

2018-08-07 Thread Quan Zhou via FreeIPA-users
Thanks. Got it. On Tue, Aug 7, 2018 at 11:13 PM Robbie Harwood wrote: > > Quan Zhou via FreeIPA-users > writes: > > > It took me a few days to figure out that it was the `/var/lib/krb5kdc` > > directory which has no execution perms set, so that the contents within > > cannot be accessed by the wsg

[Freeipa-users] Re: SSH SSO on Multi-Homed Hosts

2018-08-07 Thread Ryan Slominski via FreeIPA-users
Hi Dave, I might be totally off - but I noticed there is a principal alias option. If you want each IP to have a separate SSH key this probably won't work, but if all IPs on a box can share a single set of keys then this might work. Good luck, Ryan

[Freeipa-users] Re: Kerberized SSH SSO

2018-08-07 Thread Ryan Slominski via FreeIPA-users
Hi Robbie, What is the proper way to configure an IPA host so that the sshd will use the FQDN? I've noticed that IPA client installer modifies the file /etc/krb5.conf and adds the lines: dns_canonicalize_hostname = false rdns = false If I comment out those lines then SSO works. Alternativ

[Freeipa-users] SSH SSO on Multi-Homed Hosts

2018-08-07 Thread Theese, David C via FreeIPA-users
Hello, I am using CentOS 7.3 and FreeIPA 4.4. I have one FreeIPA server and several FreeIPA clients. SSH SSO has been working fine (via Kerberos). Call the network they reside on 192.168.1.0/24 (the "primary" network). I recently added a second NIC to each of the clients. Thus, all clients sha

[Freeipa-users] Re: Kerberized SSH SSO

2018-08-07 Thread Robbie Harwood via FreeIPA-users
Ryan Slominski via FreeIPA-users writes: > [root@testclient2 ~]# /usr/sbin/sshd -ddd -p 2 ... > debug1: Unspecified GSS failure. Minor code may provide more information > No key table entry found matching host/testclient2@ Your KDC thinks this machine is called testclient2.example.com, wh

[Freeipa-users] Re: Kerberized SSH SSO

2018-08-07 Thread Ryan Slominski via FreeIPA-users
Hi Sumit, Here is the sshd server side output with logging set to DEBUG3 after re-running client and server over custom port 2: [root@testclient2 ~]# /usr/sbin/sshd -ddd -p 2 debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 920 de

[Freeipa-users] Re: [Ubuntu 18.04] Inappropriate directory permission caused inability signing into webui on a fresh install

2018-08-07 Thread Robbie Harwood via FreeIPA-users
Quan Zhou via FreeIPA-users writes: > It took me a few days to figure out that it was the `/var/lib/krb5kdc` > directory which has no execution perms set, so that the contents within > cannot be accessed by the wsgi process that caused the problem, after > 'sudo chmod a+x /var/lib/krb5kdc' the pro

[Freeipa-users] Re: Kerberized SSH SSO

2018-08-07 Thread Ryan Slominski via FreeIPA-users
Hi Robbie, After setting KRB5_TRACE to a file in /tmp and running ssh command I get the following output: [1714] 1533649123.284380: ccselect module realm chose cache KEYRING:persistent:1234:krb_ccache_6taXFjL with client principal testu...@example.com for server principal host/testclient2.exa

[Freeipa-users] error keep continue comes out after shutdown for a week

2018-08-07 Thread barrykfl--- via FreeIPA-users
Hi All; One of server of cluster shutdown for a week now return normal. But the comes as below: I already reinitialize it worked success but the error keep log in the log file it already make the log size big. The remote replica has a different database generation ID than the local database.