[Freeipa-users] ssh and sudo password authentication not working with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04
Sumit Bose
sbose at redhat.com
Wed Oct 7 08:37:09 UTC 2015
On Tue, Oct 06, 2015 at 03:39:43PM +0200, Alexander Skwar wrote:
> Hello Sumit
>
> ipa-client-install hasn't set krb5_realm. I did that.
>
> We're using Chef-Solo to manage our systems and I have /etc/sssd/sssd.conf
> in chef. So it overwrote, whatever ipa-client-install put there. And that's
> how the mistake happened.
Thank you for the details, I was afraid there might be an issue with
ipa-client-install. Btw, please note that there are important
differences in /etc/sssd/sssd.conf for IPA clients and servers.
Additionally if you have multiple IPA servers you should make sure that
suitable server names are used in
ipa_server = _srv_, ipa-server.ipa.domain
on IPA clients. Although it is only a fallback server name it would
be good to have all IPA servers involved here so that in the case of
issues not all clients will fall back to the same server.
bye,
Sumit
>
> I think the ipa-client-install discovered everything right. I'm attaching
> the log.
yes, all looks good.
>
> Best regards,
> Alexander
>
>
>
>
More information about the Freeipa-users
mailing list