Thanks for the info Rob,
Well, that's a big bummer. I am trying to write kickstart scripts
with different IPA usernames such that they will automatically enroll
machines into specific hostgroups (with associated
permissions/roles/etc). Thanks for updating the ticket...
I don't know if there's going to be a port/update for Centos 7 for
freeipa 4, but even the "automember-rebuild" feature wouldn't really
be a viable option for my situation.
Anyone else run into similar situations and have any ideas?
Mark
On 2/4/2015 5:21 PM, Rob Crittenden wrote:
Mark Esman wrote:
Hello all,
I'm having a little trouble with the automember function using
"enrolledby" attribute. I have tried a number of different regex's
to define the username and automagically enroll the host into the
specified host group:
.*ipainstaller.* <no quotes around regex>
".*ipainstaller.*" <double quotes around regex>
'.*ipainstaller.*' <single quotes around regex>
etc.
After client install, the server command:
server#> ipa host-find machine.example.com --all
shows: enrolledby_user: ipainstaller <this is the correct output>
but the machine is not enrolled in the assigned host group.
My server is Centos 7 with ipa-server.x86_64 3.3.3-28.0.1.el7.centos.3
from the updates repo.
I found this link, but it doesn't look like any work has been
done on this issue. https://fedorahosted.org/freeipa/ticket/3598
Has anyone seen this issue and/or have a workaround?
automember is executed when new entries are added. The enrolled_by isn't
set at the same time the host is added so it isn't triggering the rule.
IPA 4.0 added an automember-rebuild which would pick this up but you'd
need to run this periodically.
I updated the ticket with this information as well.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
