[Freeipa-users] Automember enrolledby
Rob Crittenden
rcritten at redhat.com
Wed Feb 4 23:21:44 UTC 2015
Mark Esman wrote:
> Hello all,
>
> I'm having a little trouble with the automember function using
> "enrolledby" attribute. I have tried a number of different regex's
> to define the username and automagically enroll the host into the
> specified host group:
>
> .*ipainstaller.* <no quotes around regex>
> ".*ipainstaller.*" <double quotes around regex>
> '.*ipainstaller.*' <single quotes around regex>
> etc.
>
> After client install, the server command:
>
> server#> ipa host-find machine.example.com --all
>
> shows: enrolledby_user: ipainstaller <this is the correct output>
> but the machine is not enrolled in the assigned host group.
>
> My server is Centos 7 with ipa-server.x86_64 3.3.3-28.0.1.el7.centos.3
> from the updates repo.
>
> I found this link, but it doesn't look like any work has been
> done on this issue. https://fedorahosted.org/freeipa/ticket/3598
>
> Has anyone seen this issue and/or have a workaround?
>
automember is executed when new entries are added. The enrolled_by isn't
set at the same time the host is added so it isn't triggering the rule.
IPA 4.0 added an automember-rebuild which would pick this up but you'd
need to run this periodically.
I updated the ticket with this information as well.
rob
More information about the Freeipa-users
mailing list