[Freeipa-users] IPA users not visible in NIS passwd map
Alexander Bokovoy
abokovoy at redhat.com
Mon Jan 11 21:21:25 UTC 2016
On Mon, 11 Jan 2016, Prasun Gera wrote:
>I upgraded ipa to 4.2 on my rhel 7.2 servers a few weeks ago. One of the
>users reported that he is not able to log in to certain systems any more.
>It turns out that there is some change in behaviour w.r.t NIS clients after
>this upgrade. I see that his username is not visible in "ypcat passwd" on
>the old clients that are using NIS. This user was added natively through
>ipa. The old users that were migrated from NIS still work as expected on
>the NIS clients. I can also confirm that if I add a new user now in ipa, it
>is not visible in NIS maps. Until we phase out the NIS clients completely,
>I would like all users to be able to log into them. This used to be the
>case, but a recent update seems to have changed that. I don't know if this
>is intentional. How do i revert to the old behaviour ?
Do you see all the maps configured?
# ldapsearch -LLL -H $(cat /etc/ipa/default.conf | grep ldap_uri|cut -d= -f2) -b cn=config '(nis-domain=*)' dn CreateTimestamp ModifyTimestamp
We have a bug in the upgrade script that was fixed this morning
https://www.redhat.com/archives/freeipa-devel/2016-January/msg00154.html
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list