[Freeipa-users] Another Expired Certs Issue

2020-10-27 Thread Sean McLennan via FreeIPA-users
I swear I have been reading and trying everything I can find on here and elsewhere today and I'm still having problems fixing my certs. As appears to be a common problem, certmonger didn't auto-renew any of them. IPA v4.6.9 running on Ubuntu 18.04; only the one server IPA RA is fine ldap and kr

[Freeipa-users] Re: Is it possible to use the FreeIPA LDAP interface to authenticate AD users?

2020-10-27 Thread Chris Dagdigian via FreeIPA-users
Replying to myself because I always post at odd hours when nobody is reading inbox, heh Wondering if it is technically possible to use FreeIPA LDAP interface to resolve/authenticate AD-users.  Thanks! Chris Chris Dagdigian October 26, 2020 at 2:31 PM My use case

[Freeipa-users] Re: Error during FreeIPA installation

2020-10-27 Thread Charles Sibbald via FreeIPA-users
Realised the error: Somehow I deleted the 127.0.0.1 localhost entry. Cheers > On 27 Oct 2020, at 16:14, Charles Sibbald wrote: > > Hi Rob, > > Your advice "You need to modify /etc/hosts to ensure that the host FQDN does > not point to 127.0.0.1 but to its actual IP address. > > I am ashamed

[Freeipa-users] Re: Error during FreeIPA installation

2020-10-27 Thread Charles Sibbald via FreeIPA-users
Hi Rob, Your advice "You need to modify /etc/hosts to ensure that the host FQDN does not point to 127.0.0.1 but to its actual IP address. I am ashamed to say I either do not understand how this is done or I am confused. I have set the hosts file as follows and there is no 127.0.0.1 I am not e

[Freeipa-users] Re: Error during FreeIPA installation

2020-10-27 Thread Rafael Jeffman via FreeIPA-users
Hi, As stated in the error, KDC will not work if it resolves to the localhost (::1) address. To fix your installation, modify your /etc/hosts to ``` ::1 localhost localhost6 10.27.3.2 freeipa-2.packet.das-schiff.io freeipa-2 ``` Take care, Rafael On Tue, Oct 27, 2020 at 10:50 AM Charl

[Freeipa-users] Re: Error during FreeIPA installation

2020-10-27 Thread Rob Crittenden via FreeIPA-users
Charles Sibbald via FreeIPA-users wrote: > I get an error during freeIPA ansible install which does not seem to make > sense. > > I have the following inventory file: > > ```cat inventory/hosts.cluster > [ipaserver] > freeipa-1 ansible_host=10.27.3.1 ansible_port=22 ansible_user='centos' > ansi

[Freeipa-users] Error during FreeIPA installation

2020-10-27 Thread Charles Sibbald via FreeIPA-users
I get an error during freeIPA ansible install which does not seem to make sense. I have the following inventory file: ```cat inventory/hosts.cluster [ipaserver] freeipa-1 ansible_host=10.27.3.1 ansible_port=22 ansible_user='centos' ansible_sudo_pass='centos' ansible_ssh_private_key_file='~/.ssh/

[Freeipa-users] Re: Deploying freeipa-client with ansible-freeipa behind haproxy

2020-10-27 Thread Ulrich-Lorenz Schlüter via FreeIPA-users
Am 26.10.20 um 21:39 schrieb Rafael Jeffman via FreeIPA-users: > Hello, > > On Mon, Oct 26, 2020 at 2:13 PM Ulrich-Lorenz Schlüter via FreeIPA-users > > wrote: >> >> Hello there, >> >> when I deploy the freeipa-client to hosts behind a haproxy most o