[Freeipa-users] ipa_get_*_acct request failed: [22]: Invalid argument on IPA client when looking up AD users
Troels Hansen
th at casalogic.dk
Tue Aug 9 12:29:51 UTC 2016
----- On Aug 9, 2016, at 2:09 PM, Jakub Hrozek jhrozek at redhat.com wrote:
>>
>> So, I currently works in the current RedHat (sssd-ipa-1.13.0-40.el7_2.12) but
>> only on the server, but not on a pure IPA client, but will work in 1.14.0 ?
>
> I would not recommend this setting on the server, even with 1.14,
> because some components of the stack rely on the name of trusted users
> being qualified, namely the compat plugin IIRC parses the names.
>
> But on clients, this should work.
>
>>
>> I guess this will be included in RedHat 7.3?
>
> Yes.
I guess I have hit some sort of configuration parameter combination that made it not work...... I have removed the full_name_format on the server, but kept
"ldap_user_principal = nosuchattr" and
"subdomain_inherit = ldap_user_principal" on both server untill 7.3 arrives.
This seems to work.
More information about the Freeipa-users
mailing list