[Freeipa-users] SUDO with HostGroup and UserGroup not working

Yogesh Sharma yks0000 at gmail.com
Mon Mar 23 08:53:52 UTC 2015 

Sure Jakub. ++FreeIPA-Users

"getent netgroup" not working on IPA Server

[root at mipa ~]# getent netgroup stg.initd.com
[root at mipa ~]#



[root at mipa ~]# ipa hostgroup-show cipa-servers
  Host-group: cipa-servers
  Description: cipa
  Member hosts: cipa.stg.initd.com
  Member of netgroups: stg.initd.com

[root at mipa ~]# ipa netgroup-show stg.initd.com
  Netgroup name: stg.initd.com
  Description: ss
  NIS domain name: stg.initd.com
  Member Group: admins, ipausers, masteruser, trust admins, webuser
  Member Hostgroup: sipa-servers, cipa-servers

However, I re-register the IPA Client and I am able to query netgroup,
Though it does not shows cipa.stg.initd.com whereas IPA Server query "ipa
netgroup-show stg.initd.com" has it in list.

[root at cipa ~]# getent passwd admin
admin:*:1170400000:1170400000:Administrator:/home/admin:/bin/bash
[root at cipa ~]# getent netgroup stg.initd.com
stg.initd.com      (sipa.stg.initd.com,-,stg.initd.com)
[root at cipa ~]#






*Best Regards,__________________________________________*

*Yogesh Sharma*
*Email: yks0000 at gmail.com <yks0000 at gmail.com> | Web: www.initd.in
<http://www.initd.in>*

RHCE, VCE-CIA, RackSpace Cloud U
[image: My LinkedIn Profile] <http://in.linkedin.com/in/yks0000>


On Mon, Mar 23, 2015 at 1:21 PM, Jakub Hrozek <jhrozek at redhat.com> wrote:

> On Mon, Mar 23, 2015 at 12:29:03PM +0530, Yogesh Sharma wrote:
> > Thanks Jakub for the reply. Please find the details:
>
> Please keep the replies on the list, if possible. Other users might run
> into the same problem and then the archives become really useful.
>
> >
> > It shows nisdomain but not netgroup:
> >
> > [root at cipa ~]# nisdomainname
> > $NISDOMAINNAME_VALUE
> > [root at cipa ~]# getent netgroup cipa-servers
> > [root at cipa ~]#
> >
> >
> > However , From IPA Server, I am able to query host under netgroup
>
> Can you query the netgroup on the IPA server using getent netgroup?
>
> Can you query users on the IPA client? (getent passwd admin)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150323/7821c2bc/attachment.htm>

More information about the Freeipa-users mailing list