[Freeipa-users] Password entry through Trust not correct
Dmitri Pal
dpal at redhat.com
Sat Mar 21 17:42:06 UTC 2015
On 03/20/2015 08:56 PM, McEvoy, James wrote:
>
> When I look at the password entries for my rfc2307 account in Active
> directory I get three different answers.
>
> The only correct one is on a server where I used sssd to join AD
> directly ( the last one ). Do I need to configure
>
> rfc2307? When I configured the server to join AD directly I use the
> option --enablerfc2307bis when I run authconfig.
>
> from a freeipa client:
>
> $ getent passwd jemcevoy at ENAS.NET
>
> jemcevoy at enas.net:*:10001:10004::/home/enas.net/jemcevoy:
>
> from the ipa server:
>
> [root at ipa ~]# getent passwd jemcevoy at ENAS.NET
>
> jemcevoy at enas.net:*:10001:10004:James
> McEvoy:/home/enas.net/jemcevoy:/bin/bash
>
> from a server that joined AD directly using sssd:
>
> $ getent passwd jemcevoy at ENAS.NET
>
> jemcevoy:*:10001:10004:James McEvoy:/home/jemcevoy:/bin/bash
>
>
>
Hi,
Let us step back.
What versions of the server and of the client and on what platforms?
When you set trust, how did you set it?
It might be that IPA server did not detect that you have Posix
extensions in AD.
There is some heuristics involved so probably you should use explicit
parameters to tell IPA whether you have posix in AD or not.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150321/0aad71d2/attachment.htm>
More information about the Freeipa-users
mailing list