eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

225
active users

#freeipa

0 posts0 participants0 posts today

Day 1 of : has started with possibly the biggest team of 14 people from several countries. To build the proof of concept, the team works on several sub tasks:

- building the EU OS image
- setting up full-disk encryption
- setting up FIDO2 hardware key to unlock encryption
- fleet management with
- user management with (if time is left)

1/2

5 days until at Paris : The architecture for EU OS must permit a migration phase in which both and EU OS run in parallel (hybrid setup). This way, organisations can do tests with only few of their staff (e.g. developers/engineers) while keeping everything as is for e.g. HR/business-critical functions. In principle, staffers may also have a Windows and an EU OS laptop at the same time. 1/2

Installed #openSUSE #Tumbleweed today to run some tests for a job ....

Install went fine, looks nice and all ... until I'm starting to install the #FreeIPA client ... geee! That's not even packaged in the main OS repos. I mean .... HELLO!?!

Normally when I install new hosts, I just install the ipa-client or freeipa-client package and run ipa-client-install .... and I have everything set up for SSO authentication. It's the most convenient way to have a centralized management of your users and hosts.

#Fedora and #RHEL and clones just works out-of-the-box. #Debian and #Ubuntu may have some quirks, but usually mostly works fine.

OpenSUSE? This is going to be painfully ... after installing an additional ipsilon repo and the freeipa-client package ... ipa-client-install splats out with a missing Python dependency ....

This may take longer than I anticipated ...

sigh
...
...
sighsigh

Today something I wanted to do for a long time worked so well, that I'm impressed:

Configured a ubuntu install on raspberry pi to use automount maps from #freeipa and configured TrueNAS to export the home directory with nfs4 and kerberos.

Worked amazingly! Now we got our home directories mounted from our NAS on the linux machines. It was so cool that it worked.

The only annoying thing is that Firefox and thunderbird installed with Snap don't work well with those directories.

Tech Help! 🆘

I have a Synology NAS. And I want to use Kerberos on it for NFS.

Is aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96 okay for DSM 7.1.1?

I am getting
gss_accept_sec_context(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may provide more information) - No key table entry

Despite matching hosts, DNS, ptr, KVNO, principals.... Ugh..

#linux#synology#nas

My #introduction (since I changed instance):

I am a Norwegian IT-engineer at the University of #Oslo. Originally from #Brazil, I moved to #Norway in 2011.

I work mostly with VMware stuff, but also spend most part of my days configuring #linux images for VDI's, #Nextcloud, #Kerberos, #FreeIPA, #keycloak, etc.

I love #running, #sourdough baking and became #vegan in Feb 2022. I have #glaucoma.

I started mastodon.babb.no for friends and colleagues.

Mastodon hosted on babb.noBabb.noThis Norwegian Mastodon server is an unofficial meeting place for University of Oslo people, and more!