[Freeipa-users] Centos IPA Client fails after upgrade to 6.6
Lukas Slebodnik
lslebodn at redhat.com
Sat Nov 8 16:44:51 UTC 2014
On (08/11/14 12:24), Diaulas Castro wrote:
>We have similar issue but on RHEL 6.6 (sssd 1.11), the problem is about
>enumerating groups.
>
Diaulas,
Have you reported your problem?
I know just about one problem with IPA and sssd-1.11 (on RHEL 6.6)
The upstream bug is https://fedorahosted.org/sssd/ticket/2471
There is a workaround. You can change value of option ldap_group_object_class
in domain section to ipaUserGroup
ldap_group_object_class = ipaUserGroup
Could you confirm that you had the same problem?
Otherwise please report bug either to upstream trac or Red Had Bugzilla.
>Use the command "id some_group_that_user_belong" on affected client, logout
>and try logon again.
>
>Our issue was with sudo not working, but everything based on groups stopped
>to work too.
>
>For workaround (if this is your problem too) edit sssd.con on domain
>section:
>enumarating = true
It would be better to fix it in sssd.
LS
More information about the Freeipa-users
mailing list