On Fri, 2022-08-05 at 17:58 +0200, Florence Blanc-Renaud via FreeIPA-
users wrote:
> Are those groups defined inside IdM (ie can you find the group with
> "ipa group-find --gid  1762200513" for instance)?

The majority of groups are in AD. The only groups in IdM are the POSIX
groups I've created to put the external groups (from AD) into. However,
the two clients enrolled in the domain thus far don't report exactly
the same errors. One of the two isn't able to find a group in IdM:

[email protected] groups: cannot find name for group ID 332600000

That's the default admin group. If I do a group find, it's matched
without issue:


[root@ala-ansible01 ~]# ipa group-find --gid 332600000
---------------
1 group matched
---------------
  Group name: admins
  Description: Account administrators group
  GID: 332600000
----------------------------
Number of entries returned 1
----------------------------


> Maybe you can share more details regarding the steps you followed to
> migrate from NIS to IdM.
> flo

There really isn't anything else to it. I did what I described earlier.
Here are the steps I took: 

   For Ubuntu 20.04:
   -----------------
   apt purge --auto-remove nis
   apt install freeipa-client
   hostnamectl set-hostname fqdn-name.a.b.c.d
   updated /etc/hosts
   updated /etc/resolv.conf
   ipa-client-install --mkhomedir --ssh-trust-dns --no-ntp --no-
nisdomain --automount-location ala
   

   For CentOS 7:
   -------------
   yum remove yp\*
   ipa-client-install --mkhomedir --ssh-trust-dns --no-nisdomain


It's the CentOS 7 client that's also reporting not being able to find
the name for the admin group ID.


-- 
Ranbir
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to