Jakub, Resolved seems to be working (I swear restarting sssd and adding the debug line does some magic), the sssd performance blog worked out quite well.
I did not need to make any changes to my trust relationship, re-running the ad trust setup steps and restarting sssd did the trick. Thank You! ----- Original Message ----- From: "Jakub Hrozek" <[email protected]> To: "Jake" <[email protected]> Cc: [email protected] Sent: Thursday, August 4, 2016 3:48:14 AM Subject: Re: [Freeipa-users] Login Troubles with Centos7 and external users (4.2.0-15.0.1.el7.centos.17) On Wed, Aug 03, 2016 at 08:38:00PM -0400, Jake wrote: > Thanks Jakub, > turns out 'getent password [email protected]' only works on 1 of > the 4 ipa servers (the one I created the domain trust with). OK, then we need to first fix all the servers before proceeding to the clients. > > I re-ran ipa-adtrust-install on them and no change, is there a similar post I > can follow to correct these & retrace my steps or does the trust need > configured on each. For IPA: http://www.freeipa.org/page/Active_Directory_trust_setup#Debugging_trust For SSSD: https://fedorahosted.org/sssd/wiki/Troubleshooting I would personally start with looking into the SSSD logs on the server that is misbehaving. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
