[Freeipa-users] Re: GetKeytabControl extended operation

2024-12-31 Thread Yuriy Halytskyy via FreeIPA-users
s > > The utility has special handling of individual known extended operations > so it is able to parse them and display the data or just return them in > the pseudo-LDIF format to ease handling of that data in command line > pipelines. > > > > > >Cheers, > >Y

[Freeipa-users] Re: GetKeytabControl extended operation

2024-12-31 Thread Yuriy Halytskyy via FreeIPA-users
onse oid: 2.16.840.1.113730.3.8.10.4.1 data:: MDQKAQEEL1MtMS01LTIxLTIwOTQ4MTI2MTQtMTg5MTkxNjgxOS0xNTQ4ODk5MTI3LTYzNDI data contains ExtdomResponseValue. Cheers, Yuriy On Tue, Dec 31, 2024 at 8:21 PM Alexander Bokovoy wrote: > > On Tue, 31 Dec 2024, Yuriy Halytskyy via FreeIPA-users wrote: > >Hi, and Happy N

[Freeipa-users] Re: GetKeytabControl extended operation

2024-12-30 Thread Yuriy Halytskyy via FreeIPA-users
LDAP command line gives me a similar result. GetKeytabControl (giving me result in controls) vs Whoami (result in data): $ LDAPTLS_REQCERT=never ldapexop -D uid=admin,cn=users,cn=accounts,dc=example,dc=test -H ldaps://ipa.example.test:636 -w hello_world 2.16.840.1.113730.3.8.10.5::oRswGaAXBBVob
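
Added example, not code from the thread and not FreeIPA's own code: pure-Python BER helpers (standard library only) that build the GetKeytab request value in the shape behind the "oRswGaAXBBVob" prefix shown above (bytes a1 1b 30 19 a0 17 04 15 ...) and decode the base64 "data::" value that ldapexop prints for the extdom response quoted in the 2024-12-31 reply. The choice-arm and field names used below (currentkeys, serviceIdentity, response_type) are assumptions inferred from the tag bytes, and the 21-character principal host/ipa.example.test is also an assumption, chosen because it reproduces the prefix in the ldapexop output. The extdom value as it appears in this listing is cut off mid-base64 (71 characters, not a multiple of 4), so the decoder is exercised on a constructed sample and the listing's value is shown to be rejected rather than completed by guesswork.

```python
# Added example (not from the thread, not FreeIPA code). Field names are
# assumptions inferred from the tag bytes seen in ldapexop output.
import base64

SEQUENCE, OCTET_STRING, ENUMERATED = 0x30, 0x04, 0x0A

# The extdom "data::" value exactly as printed in the archive listing above:
# 71 base64 characters, i.e. cut off mid-value, so it cannot be decoded as-is.
LISTING_DATA = "MDQKAQEEL1MtMS01LTIxLTIwOTQ4MTI2MTQtMTg5MTkxNjgxOS0xNTQ4ODk5MTI3LTYzNDI"


def _encode_length(n: int) -> bytes:
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, content: bytes) -> bytes:
    """One tag-length-value element."""
    return bytes([tag]) + _encode_length(len(content)) + content


def context(n: int, content: bytes) -> bytes:
    """Context-specific constructed tag [n] (0xA0 | n) wrapping content."""
    return tlv(0xA0 | n, content)


def getkeytab_currentkeys_request(service_identity: str) -> bytes:
    """Request value matching the a1 / 30 / a0 / 04 nesting seen in the thread:
    CHOICE currentkeys [1] SEQUENCE { serviceIdentity [0] OCTET STRING }.
    The arm and field names are assumptions."""
    return context(1, tlv(SEQUENCE, context(0, tlv(OCTET_STRING, service_identity.encode()))))


def getkeytab_request_b64(service_identity: str) -> str:
    """Same value base64-encoded, the form ldapexop takes on the command line."""
    return base64.b64encode(getkeytab_currentkeys_request(service_identity)).decode()


def _read_length(buf: bytes, i: int):
    first = buf[i]
    i += 1
    if first < 0x80:
        return first, i
    n = first & 0x7F
    if n == 0 or i + n > len(buf):
        raise ValueError("indefinite or truncated length at offset %d" % (i - 1))
    return int.from_bytes(buf[i:i + n], "big"), i + n


def decode_ber(buf: bytes, i: int = 0):
    """Decode one element at offset i; returns ((tag, value), next_offset).
    value is bytes for primitive tags and a list of children for constructed
    ones. Anything that runs past the buffer is rejected, which is what a
    value truncated by a mail archive looks like."""
    if i >= len(buf):
        raise ValueError("truncated element at offset %d" % i)
    tag = buf[i]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags not supported")
    length, start = _read_length(buf, i + 1)
    end = start + length
    if end > len(buf):
        raise ValueError("element at offset %d claims %d bytes, only %d left"
                         % (i, length, len(buf) - start))
    if tag & 0x20:  # constructed: decode children until the content is used up
        children, j = [], start
        while j < end:
            child, j = decode_ber(buf, j)
            if j > end:
                raise ValueError("child element overruns its parent")
            children.append(child)
        return (tag, children), end
    return (tag, buf[start:end]), end


def decode_extdom_response(data_b64: str):
    """Parse an extdom 'data::' value laid out as
    SEQUENCE { response_type ENUMERATED, data }, the layout the thread's
    30 34 0a 01 01 04 2f ... bytes have. Returns (response_type, data_tag, data)."""
    raw = base64.b64decode(data_b64)
    (tag, fields), end = decode_ber(raw)
    if tag != SEQUENCE or end != len(raw) or len(fields) != 2:
        raise ValueError("not a SEQUENCE of two elements")
    (type_tag, type_bytes), (data_tag, data) = fields
    if type_tag != ENUMERATED:
        raise ValueError("first field is not ENUMERATED")
    return int.from_bytes(type_bytes, "big", signed=True), data_tag, data


def decodes_cleanly(data_b64: str) -> bool:
    """True if the value is complete and well-formed; False for cut-off values."""
    try:
        decode_extdom_response(data_b64)
        return True
    except ValueError:  # binascii.Error (bad base64 padding) is a ValueError too
        return False


def sample_extdom_sid_response() -> str:
    """Constructed sample (made-up SID, not the thread's value) with
    response_type 1 and an OCTET STRING payload, same layout as the thread's."""
    sid = b"S-1-5-21-1111111111-2222222222-3333333333-1234"
    return base64.b64encode(tlv(SEQUENCE, tlv(ENUMERATED, b"\x01") + tlv(OCTET_STRING, sid))).decode()


if __name__ == "__main__":
    print("GetKeytab request value:", getkeytab_request_b64("host/ipa.example.test"))
    print("constructed extdom response:", decode_extdom_response(sample_extdom_sid_response()))
    print("listing value decodes cleanly:", decodes_cleanly(LISTING_DATA))
```

The encoder only emits what the thread's bytes show (a currentkeys-style request with a single service identity); anything beyond that, such as the request arm that asks for new keys, has to be taken from the FreeIPA source rather than guessed. The decoder deliberately supports only definite lengths and single-byte tags, which is all these values use, and fails closed on anything else.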

[Freeipa-users] GetKeytabControl extended operation

2024-12-30 Thread Yuriy Halytskyy via FreeIPA-users
Hi, and Happy New Year! I am trying to request service and host keytabs programmatically. The idea is to create terraform data source with Go, but I am also experimenting with python because it has good ASN1 support. There are already several terraform providers for IPA but they all use RPC only a

[Freeipa-users] Re: using JSON API for vault operations

2024-12-18 Thread Yuriy Halytskyy via FreeIPA-users
128-cbc is supported by most installations? On Wed, Dec 18, 2024 at 10:14 PM Alexander Bokovoy wrote: > > On Wed, 18 Dec 2024, Yuriy Halytskyy via FreeIPA-users wrote: > >Hi, > > > >I am trying to retrieve user vault contents using api. Based on "ipa > >vault-retrie

[Freeipa-users] using JSON API for vault operations

2024-12-18 Thread Yuriy Halytskyy via FreeIPA-users
Hi, I am trying to retrieve user vault contents using api. Based on "ipa vault-retrieve" command trace it looks like I need to use vault_retrieve_internal/1 call and pass it a session key encrypted with KRA transport public key. Where can I find that public key? Cheers, Yuriy --

[Freeipa-users] Re: Automated enrollment of FreeIPA host

2024-03-11 Thread Yuriy Halytskyy via FreeIPA-users
mple.csr --principal=host/example.com --certificate-out=example.pem for pkinit to work? Cheers, Yuriy On Mon, Mar 11, 2024 at 4:08 AM Alexander Bokovoy wrote: > > On Sun, 10 Mar 2024, Yuriy Halytskyy via FreeIPA-users wrote: > >We want to be able to destroy/recreate IPA enrol

[Freeipa-users] Automated enrollment of FreeIPA host

2024-03-10 Thread Yuriy Halytskyy via FreeIPA-users
We want to be able to destroy/recreate IPA enrolled hosts without using admin credentials. ipa-client-install with a keytab seems like a good option except it generates a new keytab. And there is no non-hacky way of passing this new keytab back to terraform. Can we tell it not to generate a new ke

[Freeipa-users] Re: Allow users from AD trust to run ipa commands

2024-01-19 Thread Yuriy Halytskyy via FreeIPA-users
Ahh, that explains it, thank you! Looks like I accidentally added "member User ID override" to a group as opposed to adding an external member. Cheers, Yuriy On Fri, Jan 19, 2024 at 8:12 PM Alexander Bokovoy wrote: > > On Fri, 19 Jan 2024, Yuriy Halytskyy via FreeIPA-us

[Freeipa-users] Allow users from AD trust to run ipa commands

2024-01-18 Thread Yuriy Halytskyy via FreeIPA-users
Hi, At first I've just created an external group, added the user, and added that group to a role but that didn't work. Then I stumbled across this while googling: ipa idoverrideuser-add 'Default Trust View' username@DOMAIN And it works, the user can use IPA commands with AD kerberos ticket and r