Mark Esman wrote: > Hello all, > > I'm having a little trouble with the automember function using > "enrolledby" attribute. I have tried a number of different regex's > to define the username and automagically enroll the host into the > specified host group: > > .*ipainstaller.* <no quotes around regex> > ".*ipainstaller.*" <double quotes around regex> > '.*ipainstaller.*' <single quotes around regex> > etc. > > After client install, the server command: > > server#> ipa host-find machine.example.com --all > > shows: enrolledby_user: ipainstaller <this is the correct output> > but the machine is not enrolled in the assigned host group. > > My server is Centos 7 with ipa-server.x86_64 3.3.3-28.0.1.el7.centos.3 > from the updates repo. > > I found this link, but it doesn't look like any work has been > done on this issue. https://fedorahosted.org/freeipa/ticket/3598 > > Has anyone seen this issue and/or have a workaround? >
automember is executed when new entries are added. The enrolled_by isn't set at the same time the host is added so it isn't triggering the rule. IPA 4.0 added an automember-rebuild which would pick this up but you'd need to run this periodically. I updated the ticket with this information as well. rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
