[Freeipa-users] Login Troubles with Centos7 and external users (4.2.0-15.0.1.el7.centos.17)
Jake
freeipa at jacobdevans.com
Thu Aug 4 15:47:12 UTC 2016
Jakub,
Resolved seems to be working (I swear restarting sssd and adding the debug line does some magic), the sssd performance blog worked out quite well.
I did not need to make any changes to my trust relationship, re-running the ad trust setup steps and restarting sssd did the trick.
Thank You!
----- Original Message -----
From: "Jakub Hrozek" <jhrozek at redhat.com>
To: "Jake" <freeipa at jacobdevans.com>
Cc: freeipa-users at redhat.com
Sent: Thursday, August 4, 2016 3:48:14 AM
Subject: Re: [Freeipa-users] Login Troubles with Centos7 and external users (4.2.0-15.0.1.el7.centos.17)
On Wed, Aug 03, 2016 at 08:38:00PM -0400, Jake wrote:
> Thanks Jakub,
> turns out 'getent password username at legacy.example.org' only works on 1 of the 4 ipa servers (the one I created the domain trust with).
OK, then we need to first fix all the servers before proceeding to the
clients.
>
> I re-ran ipa-adtrust-install on them and no change, is there a similar post I can follow to correct these & retrace my steps or does the trust need configured on each.
For IPA:
http://www.freeipa.org/page/Active_Directory_trust_setup#Debugging_trust
For SSSD:
https://fedorahosted.org/sssd/wiki/Troubleshooting
I would personally start with looking into the SSSD logs on the server
that is misbehaving.
More information about the Freeipa-users
mailing list