[Freeipa-users] Re: FreeIPA beginner
Simo Sorce
ssorce at redhat.com
Thu Jun 4 12:58:26 UTC 2009
Moved to freeipa-users,
Rob please use this list for user help questions.
On Thu, 2009-06-04 at 14:46 +0200, Rob Visser wrote:
> Hello,
>
> Just recently I installed na IPA server and IP client on two Fedora 10
> computers.
> I managed to get ssh working for the admin user (with single sign on).
> I am confused about the the relation between Kerberos and UNIX
> identities.
> A few questions:
> - Is it required to add the UNIX user (in the passwd file) after
> entering the user with FreeIPA? Or perhaps the other way around?
your client should be configured to use nss_ldap, users are created on
the freeIPA server and seen by all clients.
> - If so, then I assume with the UID/GID that are generated with the
> "add user".
UID/GID are generate on the freeipa server and distributed to all
clients via nss_ldap
> - The admin user automagically seems to be linked to the (unix) root
> user?
It should really not be, did you create some mapping on the client ?
> When I create a new user with FreeIPA, then I can login with GDM with
> the new identity, however, the pam_namespace does not create
> a /home/user and /tmp
pam_mkhomedir is what creates home directories if properly configured.
> When I try to change the Kerkeros password, it complains that it
> cannot find any kdc.
looks like a network or client configuration issue.
> Is there something I missed in reading documents?
>
> Any help is appreciated.
Make sure you follow the user guides throughly.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list