FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 06-26-2012, 07:55 PM
Boris Epstein
 
Default FreeIPA on Centos 6

Hello all,

Is anybody using http://freeipa.org on a CentOS 6 server? Is it working
well?

Thanks.

Boris.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-26-2012, 09:11 PM
James Hogarth
 
Default FreeIPA on Centos 6

>
> Is anybody using http://freeipa.org on a CentOS 6 server? Is it working
> well?
>

Yes and yes.... I suggest checking out the FreeIPA mailing list and
IRC channel if you have any trouble as you'll find quite a few people
there.

As a heads up IPA 2.2 will be coming in CentOS 6.3 which includes SSH
key maintenance in IPA and form based authentication for when you
don't have a kerberos token to pass to the IPA interface.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 06:32 AM
Laurent Wandrebeck
 
Default FreeIPA on Centos 6

2012/6/26 James Hogarth <james.hogarth@gmail.com>:
>>
>> Is anybody using http://freeipa.org on a CentOS 6 server? Is it working
>> well?
>>
>
> Yes and yes.... I suggest checking out the FreeIPA mailing list and
> IRC channel if you have any trouble as you'll find quite a few people
> there.
>
> As a heads up IPA 2.2 will be coming in CentOS 6.3 which includes SSH
> key maintenance in IPA and form based authentication for when you
> don't have a kerberos token to pass to the IPA interface.
Hi,

deployed it at work, two (kvm) instances for HA, with DNS.
Named segfaulted here and there, and when the master instance failed,
takeover didn't work for whatever reason.
A really nice piece of software i'd have liked to continue to use, but
not yet prod ready imho.
I guess I'll have another look after 6.3.
HTH,
Laurent.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 06:39 AM
James Hogarth
 
Default FreeIPA on Centos 6

> Named segfaulted here and there, and when the master instance failed,
> takeover didn't work for whatever reason.
>

I have four IPAs replicating together across two DCs with full DNS and CA
integration plus using it for sudo management as well.... fully stable.

Have never seen the behaviour you describe and there is no 'master' to take
over from since it is multi master.... so no take over even exists much
less is required....
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 06:46 AM
Rob Kampen
 
Default FreeIPA on Centos 6

On 06/27/2012 06:39 PM, James Hogarth wrote:

Named segfaulted here and there, and when the master instance failed,
takeover didn't work for whatever reason.


I have four IPAs replicating together across two DCs with full DNS and CA
integration plus using it for sudo management as well.... fully stable.

Have never seen the behaviour you describe and there is no 'master' to take
over from since it is multi master.... so no take over even exists much
less is required....
__________________________

Is there a HOWTO for this somewhere? Sounds like a very useful setup.


_____________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 07:25 AM
James Hogarth
 
Default FreeIPA on Centos 6

> Is there a HOWTO for this somewhere? Sounds like a very useful setup

All the docs needed to set up that bit can be found on docs.redhat.com ...
the identity management guide in the rhel6 section.

I've written some more advanced guides on the freeipa wiki (look at how tos
under documentation) covering Apache auth against IPA and IPA for httpd
certificate management... will soon add my kvm/libvirt/vnc authentication
against IPA doc as well - just waiting on feedback before adding it to the
how to section.

If there are any specific how tos you'd like to see on there feel free to
suggest... and always feel free to ping me...
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 08:36 AM
Natxo Asenjo
 
Default FreeIPA on Centos 6

On Wed, Jun 27, 2012 at 8:39 AM, James Hogarth <james.hogarth@gmail.com>wrote:

> > Named segfaulted here and there, and when the master instance failed,
> > takeover didn't work for whatever reason.
> >
>
> I have four IPAs replicating together across two DCs with full DNS and CA
> integration plus using it for sudo management as well.... fully stable.
>
> Have never seen the behaviour you describe and there is no 'master' to take
> over from since it is multi master.... so no take over even exists much
> less is required....
>

+1.

IPA is a very nice addition to the linux environment. And getting better
all the time :-)

Finally we can deploy a secure, trusted network without having to hack 20
different software pieces together. TUV has really nailed this one.

--
groet,
natxo
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 09:15 AM
Boris Epstein
 
Default FreeIPA on Centos 6

On Wed, Jun 27, 2012 at 2:39 AM, James Hogarth <james.hogarth@gmail.com>wrote:

> > Named segfaulted here and there, and when the master instance failed,
> > takeover didn't work for whatever reason.
> >
>
> I have four IPAs replicating together across two DCs with full DNS and CA
> integration plus using it for sudo management as well.... fully stable.
>
> Have never seen the behaviour you describe and there is no 'master' to take
> over from since it is multi master.... so no take over even exists much
> less is required....
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

Thanks. What's DC in this context?

Boris.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 09:23 AM
Natxo Asenjo
 
Default FreeIPA on Centos 6

On Wed, Jun 27, 2012 at 11:15 AM, Boris Epstein <borepstein@gmail.com>wrote:

> On Wed, Jun 27, 2012 at 2:39 AM, James Hogarth <james.hogarth@gmail.com
> >wrote:
>
> > > Named segfaulted here and there, and when the master instance failed,
> > > takeover didn't work for whatever reason.
> > >
> >
> > I have four IPAs replicating together across two DCs with full DNS and CA
> > integration plus using it for sudo management as well.... fully stable.
> >
> > Have never seen the behaviour you describe and there is no 'master' to
> take
> > over from since it is multi master.... so no take over even exists much
> > less is required....
> > _______________________________________________
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
> Thanks. What's DC in this context?
>
> Boris.
>

datacenters?

--
groeten,
natxo
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-27-2012, 09:35 AM
James Hogarth
 
Default FreeIPA on Centos 6

>
> datacenters?
>

Bingo
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 12:03 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org