[Freeipa-users] No result when trying to integrate a FreeBSD client with the FreeIPA server

[Jakub Hrozek]

On Mon, Oct 13, 2014 at 10:10:12PM +0400, Орхан Касумов wrote:
>  Good day to everybody.
> There`s a post on how to make a FreeBSD client work with a FreeIPA server:  https://forums.freebsd.org/viewtopic.php?f=39&t=46526&p=260146#p260146  
> For some reason the instructions in that post don`t lead to a working solution.
> Getent passwd/group return no data from the IPA server, although ldapsearch works fine.
> I followed the instructions exactly (+ configured ldap.conf & started sssd) and didn`t get errors anywhere, all steps completed successfully.
> My setup: 2 VMs, one is the FreeIPA server (on Fedora 20), the other is a FreeBSD client (on FreeBSD 10.0).
> IPA server is configured as written in the IPA Quick Start Quide, it has no integrated DNS server.
> Both VMs have identical /etc/hosts file:
> 
> ::1                    localhost
> 127.0.0.1         localhost
> 192.168.1.10   ipa1.mydomain.com ipa1
> 192.168.1.30   bsd1.mydomain.com bsd1
> 
> Seems like some instructions in etc/nsswitch.conf file, like "group: files sss" and "passwd: files sss" have no effect.
> Does anybody tried this setup, what could be wrong with it?
> I can provide outputs of any commands if necessary.
> If I shouldn`t have asked this question here, please advise me where to ask.
> Any hint on what to do will be highly appreciated!

Hi,

I think SSSD logs would be the best start..

Put debug_level=7 into the [domain] section, restart SSSD and then check
out /var/log/sssd/*.log