FreeIPA Server & Client
-
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
-
@stacksofplates said in FreeIPA Server & Client:
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
What about CentOS 7 workstation are you liking? I'm a Fedora fan and like Korora's mix of it the most.
-
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
What about CentOS 7 workstation are you liking? I'm a Fedora fan and like Korora's mix of it the most.It
I like fedora a lot. But I had CentOS workstation for a long time after 7 came out. It's rock solid, like you have to try to break it. I've had some weird issues with fedora, both 23 and 24 that seemed a little buggy. In my experience Fedora with Gnome has been slower than CentOS with Gnome. Ive only ever found one thing I couldn't run on CentOS and that was FreeCAD, but it didn't run super well on Fedora either.
Plus there is the not needing to reinstall every 6 months or whatever the release schedule is.
And the fact I work with RHEL 7 WS every day, it feels comfortable.
-
@stacksofplates said in FreeIPA Server & Client:
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
What about CentOS 7 workstation are you liking? I'm a Fedora fan and like Korora's mix of it the most.It
I like fedora a lot. But I had CentOS workstation for a long time after 7 came out. It's rock solid, like you have to try to break it. I've had some weird issues with fedora, both 23 and 24 that seemed a little buggy. In my experience Fedora with Gnome has been slower than CentOS with Gnome. Ive only ever found one thing I couldn't run on CentOS and that was FreeCAD, but it didn't run super well on Fedora either.
Plus there is the not needing to reinstall every 6 months or whatever the release schedule is.
I'm stuck with Ubuntu 16.10 on the laptop but run Korora 24 in a VM.
-
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
What about CentOS 7 workstation are you liking? I'm a Fedora fan and like Korora's mix of it the most.It
I like fedora a lot. But I had CentOS workstation for a long time after 7 came out. It's rock solid, like you have to try to break it. I've had some weird issues with fedora, both 23 and 24 that seemed a little buggy. In my experience Fedora with Gnome has been slower than CentOS with Gnome. Ive only ever found one thing I couldn't run on CentOS and that was FreeCAD, but it didn't run super well on Fedora either.
Plus there is the not needing to reinstall every 6 months or whatever the release schedule is.
I'm stuck with Ubuntu 16.10 on the laptop but run Korora 24 in a VM.
I haveKorora 24 Gnome on my laptop currently. Its ok, I still prefer stock Fedora with Gnome though.
-
@stacksofplates said in FreeIPA Server & Client:
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
What about CentOS 7 workstation are you liking? I'm a Fedora fan and like Korora's mix of it the most.It
I like fedora a lot. But I had CentOS workstation for a long time after 7 came out. It's rock solid, like you have to try to break it. I've had some weird issues with fedora, both 23 and 24 that seemed a little buggy. In my experience Fedora with Gnome has been slower than CentOS with Gnome. Ive only ever found one thing I couldn't run on CentOS and that was FreeCAD, but it didn't run super well on Fedora either.
Plus there is the not needing to reinstall every 6 months or whatever the release schedule is.
I'm stuck with Ubuntu 16.10 on the laptop but run Korora 24 in a VM.
I haveKorora 24 Gnome on my laptop currently. Its ok, I still prefer stock Fedora with Gnome though.
I use it with Cinnamon, that's the cool bit
-
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@scottalanmiller said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
Another thing to try, do you have the ipa-admintools package installed on your client? If you do, what output do you get if you kinit and then run ipa user-find --all?
the admintools package is installed , but when i tried to run " ipa user-find --all " it shows this error :
[root@client ~]# ipa user-find --all
ipa: ERROR: 2.114 client incompatible with 2.112 server at 'https://ipa.server.local/ipa/xml'That's what I feared. I think to be able to run the IPA client on Fedora you will need to run the IPA server on Fedora server, not CentOS.
Or go the opposite and use CentOS 7 workstation instead of Fedora. I actually prefer the CentOS 7 workstation to Fedora, and I'm going to be switching back on my home laptop.
What about CentOS 7 workstation are you liking? I'm a Fedora fan and like Korora's mix of it the most.It
I like fedora a lot. But I had CentOS workstation for a long time after 7 came out. It's rock solid, like you have to try to break it. I've had some weird issues with fedora, both 23 and 24 that seemed a little buggy. In my experience Fedora with Gnome has been slower than CentOS with Gnome. Ive only ever found one thing I couldn't run on CentOS and that was FreeCAD, but it didn't run super well on Fedora either.
Plus there is the not needing to reinstall every 6 months or whatever the release schedule is.
I'm stuck with Ubuntu 16.10 on the laptop but run Korora 24 in a VM.
I haveKorora 24 Gnome on my laptop currently. Its ok, I still prefer stock Fedora with Gnome though.
I use it with Cinnamon, that's the cool bit
Ah ya, I use Gnome 3 for the extensions.
-
So what about Ubuntu , i have a client with a lot of ubuntu 14.04 as workstations , do i need to install the FreeIPA on a Ubuntu Server to be compatible with ubuntu workstations ?.
-
@AlyRagab I have connected Linux Mint, to a CentOS freeIPA server.
-
@brianlittlejohn said in FreeIPA Server & Client:
@AlyRagab I have connected Linux Mint, to a CentOS freeIPA server.
if the problem is not related to compatibility issues so may be the problem is related to PAM Configuration , so the question here is did you do any manual configuration to any of the PAM Modules ? , do i need to do for the Module that responsible for the authentication through the login screen in Ubuntu ?.
-
@AlyRagab I had to manually change a few things. I don't remember what exactly, I was just testing thing, I was following a guide online. My linux skills are still in development.
-
@AlyRagab said in FreeIPA Server & Client:
So what about Ubuntu , i have a client with a lot of ubuntu 14.04 as workstations , do i need to install the FreeIPA on a Ubuntu Server to be compatible with ubuntu workstations ?.
No, FreeIPA is FreeIPA.
-
@brianlittlejohn said in FreeIPA Server & Client:
@AlyRagab I have connected Linux Mint, to a CentOS freeIPA server.
Which Mint?
-
@stacksofplates at the time it was 17.3
-
@AlyRagab said in FreeIPA Server & Client:
So what about Ubuntu , i have a client with a lot of ubuntu 14.04 as workstations , do i need to install the FreeIPA on a Ubuntu Server to be compatible with ubuntu workstations ?.
No you can use CentOS. The issue here is the difference in version of client to server.
-
@brianlittlejohn said in FreeIPA Server & Client:
@stacksofplates at the time it was 17
Ya, that's 14.04. Probably why it worked.
-
So this page http://www.freeipa.org/page/Client says SSSD should be backwards compatible. It's just the ipa-admintools that is not backwards compatible.
-
@stacksofplates said in FreeIPA Server & Client:
So this page http://www.freeipa.org/page/Client says SSSD should be backwards compatible. It's just the ipa-admintools that is not backwards compatible.
yes you are right , because when i installed the ipa-admintools then run the command "ipa find-user --all " it showed this error " ipa: ERROR: 2.65 client incompatible with 2.49 server at u'https://ipa.example.com/ipa/xml' "
but now i am thinking that i have to change something related to the PAM Modules that responsible for the authentication through the client login screen but what is that ? -
@AlyRagab said in FreeIPA Server & Client:
@stacksofplates said in FreeIPA Server & Client:
So this page http://www.freeipa.org/page/Client says SSSD should be backwards compatible. It's just the ipa-admintools that is not backwards compatible.
yes you are right , because when i installed the ipa-admintools then run the command "ipa find-user --all " it showed this error " ipa: ERROR: 2.65 client incompatible with 2.49 server at u'https://ipa.example.com/ipa/xml' "
but now i am thinking that i have to change something related to the PAM Modules that responsible for the authentication through the client login screen but what is that ?Your config had the sss module and nsswitch.conf was calling sss, I'm not sure what's missing. I tried your system-auth and password-auth files on one of my machines and they worked.
-
Your config had the sss module and nsswitch.conf was calling sss, I'm not sure what's missing. I tried your system-auth and password-auth files on one of my machines and they worked.
i will re-install the IPA server and client again and tell you the result
