[Freeipa-users] Queries on migrating nis netgroups
Roderick Johnstone
rmj at ast.cam.ac.uk
Tue Dec 22 11:10:08 UTC 2015
Hi
I'm migrating our nis environment to freeipa 4.2.0 on Redhat 7.
I need to have the netgroups set up in freeipa before migrating systems
to be freeipa clients.
At this point I'm trying to understand the relationship between
hostgroups and netgroups and whether I should just be using ipa
netgroup-add and ipa netgroup-add-member commands or whether I should be
using equivalent ipa hostgroup* commands.
Section 14.5.1 of the Redhat 7 Domain Identity Authentication and Policy
Guide is telling me that I get a shadow netgroup for every hostgroup I
create and that I can manage these netgroups with the
"ipa-host-net-manage" command.
I don't see the ipa-host-net-manage command. There are
ipa host* commands but these don't include ipa host-net* commands. What
am I missing here?
Also the ipa netgroup* commands don't seem to be able to manage the
shadow netgroups so I'm currently unable to manipulate my shadow
netgroups to eg change the nisdomain associated with them. How do I do that?
Also it looks like I can't add non-ipa clients into hostgroups so
presumable not into shadow netgroups either, so maybe this is a
non-starter for me. Did I understand that correctly?
Thanks
Roderick Johnstone
More information about the Freeipa-users
mailing list