Questions tagged [freeipa]
FreeIPA is an Identity management system. It aims to provide an easily managed Identity, Policy, and Audit (IPA).
27 questions
1
vote
0
answers
18
views
setting up sssd in suse
I am setting up FreeIPA on SUSE. I have one server and one client. I installed slapd on the server with these configs:
include /etc/openldap/schema/core.schema
include /etc/openldap/...
- 11
0
votes
1
answer
1k
views
freeipa client installation in ubuntu
I am installing freeipa client in ubuntu VM, but getting the following error.
failed to obtain host tgt: major (458752): no credentials were supplied, or the credentials were unavailable or ...
1
vote
0
answers
531
views
automount is flooding /var/log/messages with the line "automount[21736]: do_mount_indirect: indirect trigger not valid or already mounted"
I am facing an issue with automount on a bunch of linux centos hosts.
I see the following line in /var/log/messages to thousands
automount[21736]: do_mount_indirect: indirect trigger not valid or ...
- 111
0
votes
1
answer
3k
views
Completely locked out of the admin account with FreeIPA
I have a FreeIPA server set up with a single replica. The admin account has been locked. Here's the log from a kinit admin:
[root@idm-00 ~]# kinit admin
kinit: Client's credentials have been revoked ...
- 338
0
votes
1
answer
4k
views
"Sealing" secrets with FreeIPA?
Recently we've been researching how to set up TPM on our Linux hosts: when they boot, the grub parameters and kernel are checksummed, and if the checksum is as expected the TPM module unseals a key ...
- 203
1
vote
1
answer
3k
views
FreeIPA automount home directory prevents local user home directory creation
I have set up FreeIPA as IDM software for my network and successfully configured a Kerberos aware NFS server and Kerberos aware NFS clients.
When a user logs into a machine, it's user directory on the ...
- 323
1
vote
0
answers
533
views
Setup mail server in Docker with FreeIPA and Roundcube
I try to setup my own mail server with authentication against a Ldap(FreeIPA). All of them must running within a docker container. I don't know what I'm doing wrong. Maybe it's my ldap configuration.
...
- 111
0
votes
2
answers
1k
views
Help removing a failed replica from a FreeIPA setup
I have two FreeIPA servers in my system; ns-1 and ns-2. To my limited knowledge, ns-1 is our main ipa server and ns-2 was setup as a replica. But I may be incorrect in that regard.
In my attempts to ...
- 179
0
votes
2
answers
3k
views
Joining hosts to freeIPA without changing hostname
I've been asked to join linux hosts in my company to freeIPA. But the problem is that I'm not allowed to change hostnames. So I should leave hosts NetBios names intact.
I am wondering if there is any ...
- 1
0
votes
2
answers
1k
views
autofs mount local directory when nfs unavailable
I want to have my home directory be an NFS mount when it's available, or a local directory when it's not. Think of a laptop that I might want to take somewhere off of my normal network. What I have ...
- 3
0
votes
0
answers
873
views
display grid of data in bash
would like to get an opinion on how best to do this in bash, thank you
for x number of servers, each has it's own list of replication agreements and their status.. it's easy to run a few commands and ...
- 1
0
votes
1
answer
2k
views
FreeIpa MFA for AD users
I've setup FreeIpa POC (centos7, freeipa 4.7, two freeipa servers as multimaster with some clients). Added OTP's for several users and made it work with RADIUS for vpn access authentication purposes. ...
- 101
0
votes
1
answer
493
views
bash script to eference value of $GECOS from /etc/passwd with awk or sed to extract first and last name
Red Hat has a sample script to migrate users from NIS to FreeIPA. nis-user.sh looks like this:
#!/bin/sh
# $1 is the NIS domain, $2 is the NIS master server
ypcat -d $1 -h $2 passwd > /dev/shm/nis-...
- 133
4
votes
1
answer
8k
views
What is the difference between freeipa and openldap [closed]
What is the difference between openldap and freeipa. Aren’t they same? What is the main work of them and how do they are interconnected or they are separate thing?
0
votes
0
answers
117
views
Restricting ssh access for shared software accounts
We have passwordless login on all hosts through kerberos.
We have user accounts and shared accounts - all (host and sudo access) managed through LDAP (FreeIPA by RedHat).
Now if we give shell access ...
