[Freeipa-devel] Some observations based on the adhock testing
Rob Crittenden
rcritten at redhat.com
Fri Mar 11 22:29:52 UTC 2011
Dmitri Pal wrote:
> Hi,
>
> 1) I confirmed that capitalization in the host name makes things not work.
> I had a VM wit ha capital letter in the name.
> Everything installed fine but then "ipa" command did not work and the
> httpd error log was complaining that the host principal was not found.
> I uninstalled, changed the name and installed again - the server worked
> fine.
> I think we should fix the ticket or at least do it in release notes.
Yes, we'll need to scope it to see if we can fix it soon.
>
> 2) I noticed that the memberOf plugin use changed in IPA. It now lists
> only direct members and indirect members are stored in the other
> attribute. Is IPA back end of the SSSD aware of that?
It just appears that way in the framework. Internally they are all still
memberOf.
>
> 3) Admin is not a part of the ipausers group is this intentional?
Yes, admin is a special user.
>
> 4) There is an argument to make a group a posix group: --posix but the
> group is already a posix group if created by ipa group-add.
> Questions: how to create a non-posix group? How to make a posix group
> non-posix?
It must be created as non-posix at creation time wth the flag --nonposix.
You can't go back. Once a group is posix the only option is to remove it
and re-create it.
rob
More information about the Freeipa-devel
mailing list