[Freeipa-users] Where is SID stored after ipa-adtrust-install?
Jeff Goddard
jgoddard at emerlyn.com
Wed Feb 8 16:21:31 UTC 2017
I had this same issue and the value was only added after a password change.
Jeff
On Wed, Feb 8, 2017 at 11:10 AM, Alexander Bokovoy <abokovoy at redhat.com>
wrote:
> On ke, 08 helmi 2017, Armaan Esfahani wrote:
>
>> I’ve been having issues with some of my IPA seemingly not getting SID’s
>> after the install, even after running with the –add-sids modifier. I
>> was wondering where the SID values are located so that I can take a
>> look at what’s happening/
>>
> In the user object itself, ipaNTSecurityIdentifier attribute.
>
> If you have SIDs not generated, there are two potential issues that
> cause it:
> - sidgen plugin configuration looking at wrong basedn
> - ID ranges you have do not allow to map UID/GID to SID
>
> If you ran ipa-adtrust-install --add-sids and it generated nothing, look
> at /var/log/dirsrv/slapd-INSTANCE/errors log file. There should be at
> least two lines:
>
> [01/Feb/2017:14:28:24.189906631 +0100] sidgen_task_thread - [file
> ipa_sidgen_task.c, line 194]: Sidgen task starts ...
> [01/Feb/2017:14:28:24.192039515 +0100] sidgen_task_thread - [file
> ipa_sidgen_task.c, line 199]: Sidgen task finished [0].
>
> If there are any errors causing issues with SID generation, they will be
> in between these two lines.
>
>
> --
> / Alexander Bokovoy
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170208/3e2ef674/attachment.htm>
More information about the Freeipa-users
mailing list