RHEL 6.5 - new install ipa-server-3.0.0-42.el6.x86_64 389-ds-base-1.2.11.15-47.el6.x86_64
On the master, I get nothing [root@ipa001 log]# getent passwd admin [root@ipa001 log]# But it works on the replica as expected [root@ipa002nadev01 ~]# getent passwd admin admin:*:1140000000:1110000000:Administrator:/home/admin:/bin/bash I am used to using PADL / NSSWITCH with OpenLDAP and I am rather surprised that on both, 'getent passwd' and 'getent group' return only entries from local files but then again, I've never used sssd before. Partial from /etc/sssd/sssd.conf [domain/stt.local] cache_credentials = True krb5_store_password_if_offline = True ipa_domain = stt.local id_provider = ipa auth_provider = ipa access_provider = ipa ipa_hostname = ipa001nadev01.stt.local chpass_provider = ipa ipa_server = ipa001nadev01.stt.local ldap_tls_cacert = /etc/ipa/ca.crt [sssd] services = nss, sudo, pam, ssh config_file_version = 2 domains = stt.local debug_level = 6 Shouldn't I be seeing both local files and IPA defined users with 'getent passwd' and IPA defined users with 'getent group' commands? What could cause 'getent passwd admin' not to work on the master server now when I know I tested it when I first set it up and it worked? I have done little more than import users and groups from OpenLDAP and configure HBAC, sudo stuff in the IPA web UI. Craig White System Administrator O 623-201-8179 M 602-377-9752 [cid:[email protected]] SkyTouch Technology 4225 E. Windrose Dr. Phoenix, AZ 85032
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
