[Freeipa-users] IPA users not visible in NIS passwd map
Prasun Gera
prasun.gera at gmail.com
Tue Jan 12 02:21:05 UTC 2016
This is the output of the command:
ldapsearch -LLL -H $(cat /etc/ipa/default.conf | grep ldap_uri|cut -d=
-f2) -b cn=config '(nis-domain=*)' dn CreateTimestamp ModifyTimestamp
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: nis-domain=domain.edu+nis-map=auto.home,cn=NIS
Server,cn=plugins,cn=config
CreateTimestamp: 20150321091139Z
ModifyTimestamp: 20150321091139Z
dn: nis-domain=domain.edu+nis-map=auto.local,cn=NIS
Server,cn=plugins,cn=confi
g
CreateTimestamp: 20150321091209Z
ModifyTimestamp: 20150321091209Z
dn: nis-domain=domain.edu+nis-map=auto.master,cn=NIS
Server,cn=plugins,cn=conf
ig
CreateTimestamp: 20150321091201Z
ModifyTimestamp: 20150321091201Z
dn: nis-domain=domain.edu+nis-map=ethers.byaddr,cn=NIS
Server,cn=plugins,cn=co
nfig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=ethers.byname,cn=NIS
Server,cn=plugins,cn=co
nfig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=group.bygid,cn=NIS
Server,cn=plugins,cn=conf
ig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=group.byname,cn=NIS
Server,cn=plugins,cn=con
fig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=netgroup,cn=NIS
Server,cn=plugins,cn=config
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=netid.byname,cn=NIS
Server,cn=plugins,cn=con
fig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=passwd.byname,cn=NIS
Server,cn=plugins,cn=co
nfig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
dn: nis-domain=domain.edu+nis-map=passwd.byuid,cn=NIS
Server,cn=plugins,cn=con
fig
CreateTimestamp: 20150320220124Z
ModifyTimestamp: 20150320220124Z
All the maps are listed from what I can tell. passwd is the one that is not
working as expected. Autofs maps are working all right on nis clients.
On Mon, Jan 11, 2016 at 4:21 PM, Alexander Bokovoy <abokovoy at redhat.com>
wrote:
> On Mon, 11 Jan 2016, Prasun Gera wrote:
>
>> I upgraded ipa to 4.2 on my rhel 7.2 servers a few weeks ago. One of the
>> users reported that he is not able to log in to certain systems any more.
>> It turns out that there is some change in behaviour w.r.t NIS clients
>> after
>> this upgrade. I see that his username is not visible in "ypcat passwd" on
>> the old clients that are using NIS. This user was added natively through
>> ipa. The old users that were migrated from NIS still work as expected on
>> the NIS clients. I can also confirm that if I add a new user now in ipa,
>> it
>> is not visible in NIS maps. Until we phase out the NIS clients completely,
>> I would like all users to be able to log into them. This used to be the
>> case, but a recent update seems to have changed that. I don't know if this
>> is intentional. How do i revert to the old behaviour ?
>>
> Do you see all the maps configured?
>
> # ldapsearch -LLL -H $(cat /etc/ipa/default.conf | grep ldap_uri|cut -d=
> -f2) -b cn=config '(nis-domain=*)' dn CreateTimestamp ModifyTimestamp
>
> We have a bug in the upgrade script that was fixed this morning
> https://www.redhat.com/archives/freeipa-devel/2016-January/msg00154.html
>
> --
> / Alexander Bokovoy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160111/bbe3a8d6/attachment.htm>
More information about the Freeipa-users
mailing list