Well, according to this article, I make it work on 12.04, although not perfect:
http://www.redhat.com/archives/freeipa-users/2013-June/msg00091.html
For 10.04, Timo confirmed that there won't any support for that since
there is 9 months before reach its EOL, so you have to make it by
youself.
--
After many tries, neither 10.04 nor 12.04 work :-(
So is there any plan to fix them?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fail joining to a freeipa server with ipa-client-inst
** Changed in: freeipa
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fail joining to a freeipa server with ipa-client-install
To manage notifications a
ipa-client-install works properly on trusty
** Changed in: freeipa (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fail joining to a f
Please try with current updates, gnutls26 in particular has received
updates that might have fixed this in the process, and I can't reproduce
this on raring.
** Changed in: freeipa (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of U
Any news on this?
I get the follow, as of today, running freeipa-client-install --enable-
dns-updates --mkhomedir.
root: ERRORLDAP Error: Connect error: A TLS packet with
unexpected length was received.
^ on latest FreeIPA on SL 6.3 + latest FreeIPA Client on Ubuntu Server
LTS 12.04.
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: freeipa (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fai
the bug for adding Pam_mkhomedir to the default stack is 557013 (also 55)
although at the end I have used this config file
(/usr/share/pam-configs/my_mkhomedir):
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
optionalpam_m
Hi,
the FreeIPA upstream already got rid of acutil in favor of python-dns:
http://osdir.com/ml/freeipa-devel/2012-05/msg00076.html
I've created an upstream bug
https://fedorahosted.org/freeipa/ticket/2766 on the ntpdate -U issue.
Feel free to submit a patch :-)
** Bug watch added: fedorahosted.or
The attachment "patch to make dns queries for ipa work" of this bug
report has been identified as being a patch. The ubuntu-reviewers team
has been subscribed to the bug report so that they can review the patch.
In the event that this is in fact not a patch you can resolve this
situation by removi
there is a problem with the insserv package for the i386 architecture
which makes that chkconfig can't enable ntp, I have opened the bug
1000834 about this
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs
ntpdate has not -U option in ubuntu so that makes ntpconf.py crash, this
patch removes the -U option and comments some calls to sysconfig files
which make the file crash also
** Patch added: "patch to make ntpconf.py work in ubuntu"
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/997990
the discovery of dreeipa servers doesn't works because relies in authcobfig
through the acutil python package, it's import is comented in dnsclient.py. I
have build a patch to make this work using pydns
(http://pydns.sourceforge.net/). take a look to it, it wold be nice to include
it and/or mak
good news: the workaround of using libpam-cracklib really worked in
ubuntu, in fedora the thing also works
the problem was that my testing machines were in a virtualbox with nat
networking and in that configuration there can be some problems for making
kerberos run correctly:
http://hasustorm.co
most likely it's just that I forgot to tell you to run 'pam-auth-update'
after modifying the pam-config file..
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fail joining to a freeipa s
the problem with the authentication token could be related to something
in the server, if I join a fedora box to server I have the same problems
but with a joined centos box all seems ok. I'm going to install the
server part in a fedora box and repeat all my testing
thanks
--
You received this b
I have removed use_authtok from the sss file but there must be something wrong
because I can't still change the password. I have followed the instructions
here https://fedoraproject.org/wiki/How_to_debug_SSSD_problems to enable
sssd_pam debug and it seems to be doing the same thing:
(Tue May 15
The password change not working is a bug in the libpam-sss pam config
file, either install libpam-cracklib or drop 'use_authtok' from the
/usr/share/pam-configs/sss file (from the Password line). Dropping the
option will be provided as an update to 12.04 at a later date.
I don't know what you mean
for the moment these things doesn't work:
-gdm integration: I intend to use this for normal users who will use ubuntu as
desktop machines so this is a must
-the first time I tried to use a domain user I receive an error when trying to
change the password, in /var/log/auth.log:
May 14 14:03:47 ubu
ah, if you mean the comment "would run.." it's just informational. SSSD
is already enabled, and pam is otherwise configured, but there's no pam-
auth-update config for pam_mkhomedir.. probably should just change the
text, or drop it.
--
You received this bug notification because you are a member
What do you mean by "doesn't seem to be functional"? What doesn't work?
It's working fine here, though the install script is missing some
cleanups as you've noticed.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpa
the system doesn't seem to be functional. the install phase asks to input the
equivalent of a redhat command for the ubuntu platform:
Would run on a Red Hat platform: /usr/sbin/authconfig --enablesssdauth
--enablemkhomedir --update --enablesssd
Please do the corresponding changes manually and pre
** Changed in: freeipa
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fail joining to a freeipa server with ipa-client-install
To manage notifications abo
** Attachment added: "log of the installation operation with sudo
ipa-client-install -d --enable-dns-updates"
https://bugs.launchpad.net/freeipa/+bug/997990/+attachment/3145701/+files/ipaclient-install.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which i
I have found this messages about problems running freipa in ubuntu:
https://www.redhat.com/archives/freeipa-devel/2011-September/msg00407.html
https://www.redhat.com/archives/freeipa-devel/2011-September/msg00408.html
and this ticket:
https://fedorahosted.org/freeipa/ticket/1887
I created the nss
** Bug watch added: fedorahosted.org/freeipa/ #1887
https://fedorahosted.org/freeipa/ticket/1887
** Also affects: freeipa via
https://fedorahosted.org/freeipa/ticket/1887
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
I have enabled ssl3 in the server with this order:
ldapmodify -D "cn=directory manager" -W -p 389 -h localhost -x
dn: cn=encryption,cn=config
changetype: modify
replace: nsSSL3
nsSSL3: on
exit
restarted the server with ipactl restart and now the command ipa-client-install
initiates the joining
gnutls has changed but it's apparently doing the right thing, the
details at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663127
** Bug watch added: Debian Bug tracker #663127
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663127
--
You received this bug notification because you are a
Yes, this is likely a bug in NSS on the server. You can make it work by
enabling SSL v3 on the server:
- shut dirsrv down
- edit /etc/dirsrv/slapd-FOO/dse.ldif:
- search for 'nsSSL3:', change the value to 'on'
- save the file
- start dirsrv
the next time ipa-client-install should work.
--
Y
I'have download and compiled some versions of gnutls and this is the result:
gnutls-2.8.5: works
gnutls-2.12.19: fail
gnutls-3.0.19: fail
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
the problem could be also reproduced with the gnutls-cli command. it seeems
that's launching the handshake in an incompatible manner with the server.
the same comman from a centos box works (2.8.5 version of gnutls-cli). in the
ubuntu box is version 2.12.14
root@ubuntuprovesfreeipa:/etc/ldap# gn
trying to connect with ldapseach gives the same error:
pasqual@ubuntuprovesfreeipa:~$ ldapsearch -x -b -v -d8 "dc=linux,dc=gva,dc=es"
-H ldaps://freeipaserver.linux.gva.es "objectClass=*"
TLS: can't connect: A TLS packet with unexpected length was received..
ldap_sasl_bind(SIMPLE): Can't contact
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/997990
Title:
fail joining to a freeipa server with ipa-client-install
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+
33 matches
Mail list logo
