[Freeipa-users] sssd options ignored?
Gould, Joshua
Joshua.Gould at osumc.edu
Wed Mar 18 13:24:18 UTC 2015
On 3/18/15, 4:28 AM, "Alexander Bokovoy" <abokovoy at redhat.com> wrote:
>On Wed, 18 Mar 2015, Gould, Joshua wrote:
>>
>>
>>I¹ll be happy to remove the AD section from the sssd.conf file and test
>>but I think there¹s more going on. The AD section was generated from the
>>IPA client install. I never manually added anything other than ³pac² to
>>the services line under the [sssd] section and the two ldap_idmap_range
>>options.
>Show your /var/log/ipaclient-install.log. ipa-client-install has no
>support to generate sections for AD at all.
I think then it would have to be the “ipa trust-add” command which
generates those sections then? The command that I used was:
# ipa trust-add --type=ad TEST.OSUWMC ―-admin=farus ―password
--range-type=ipa-ad-trust
Active Directory domain administrator's password:
ipa: ERROR: AD DC was unable to reach any IPA domain controller. Most
likely it is a DNS or firewall issue
The trust was created even with that error message and seems to work.
More information about the Freeipa-users
mailing list