[Freeipa-users] IPA users not visible in NIS passwd map
Prasun Gera
prasun.gera at gmail.com
Wed Jan 13 21:20:30 UTC 2016
They are authenticated using CRYPT passwords. i.e. Even after a user is
disabled in ipa, it's entry is still visible in ypcat passwd on the
clients.
On Wed, Jan 13, 2016 at 4:17 PM, Alexander Bokovoy <abokovoy at redhat.com>
wrote:
> On Wed, 13 Jan 2016, Prasun Gera wrote:
>
>> I think I've solved this. I don't know what or who enabled it, but for
>> some
>> reason the original NIS service (ypserv) was running on the server. That
>> was taking precedence over ipa's fake NIS, and causing problems. I have
>> now
>> deleted the maps and commented them out in the Makefile so that it doesn't
>> get enabled accidentally again.
>>
>> I do see another problem though. In an attempt to clean up a lot of old
>> users, I have disabled them in the webui. This works for ipa clients and
>> access is denied, but the users can still log in on the old NIS clients.
>> Is
>> this a known limitation ?
>>
> How they are authenticated on the NIS clients? FreeIPA does not provide
> shadow map.
> --
> / Alexander Bokovoy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160113/43634fab/attachment.htm>
More information about the Freeipa-users
mailing list