hi,
I found this: https://access.redhat.com/solutions/2261041
which looks like what I am seeing at my end. In /etc/krb5.conf in
[libdefaults]
dns_lookup_realm = true
dns_lookup_kdc = true
rdns = false
dns_canonicalize_hostname = false
ticket_lifetime = 24h
forwardable = true
udp_preference_limit = 0
default_ccache_name = KEYRING:persistent:%{uid}
and If I look at my user object in AD using ldapsearch, i see
primaryGroupID: 513
which looks like the right one for 'Domain Users'.
On Fri, Dec 4, 2020 at 12:42 PM Natxo Asenjo <[email protected]> wrote:
>
> hi,
>
> let's see:
>
> server:
> ~]$ getent group 'Domain [email protected]'
> domain [email protected]:*:1576200513:[email protected]
> ~]$ getent group 1576200513
> domain [email protected]:*:1576200513:[email protected]
>
> I tried before and the list came back empty (no users, but gid could be
> resolved though), now one user (there are at least a few hundreds).
>
>
> idm client:
> $ getent group 'Domain [email protected]'
> $ getent group 1576200513
>
> So the client gets nothing back indeed. After logging in, I get an error
> in the shell: "/usr/bin/id: cannot find name for group ID 1576200513", so
> this seems related (was already wondering about this too).
>
> and in the attachment the sssd_domain log file.
>
> Thanks!
>
> --
> regards,
> Natxo
>
--
--
Groeten,
natxo
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
