[Freeipa-users] sssd client cache timer and merging IPA domains
Lucas Yamanishi
lyamanishi at sesda2.com
Thu Aug 16 21:26:35 UTC 2012
I just migrated my IPA instance from one to another a couple days ago to
recover after a lost CA and failed yum upgrade. The "ipa migrate-ds"
tool works very well, though I am having a few very minor issues. On
the upside, as far as I can tell, you can skip the steps about Kerberos
key generation as outlined in the documentation. I've been able to
kinit just fine with my migrated users.
Below are the few errors I've noticed.
* When I ssh into an enrolled host using a migrated user's credentials I
get this error:
id: cannot find name for group ID 104600003
* I see this error in my dirsrv-EXAMPLE/errors log after changing a
password:
[15/Aug/2012:12:38:24 -0400] ipapwd_setPasswordHistory - [file
ipapwd_common.c, line 926]: failed to generate new password history!
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
NASA Space and Earth Science Data Analysis (606.9)
7515 Mission Drive, Suite A100
Lanham, MD 20706 * 301-352-4646 * 0xE23F3D7A
On 08/16/2012 05:00 PM, Steven Jones wrote:
> Hi,
>
> What is the default length of time the sssd daemon on a client caches for once IPA is off line pls?
>
> Is there any practical way to take the user info from one ipa instance/domain and import it into another? I know the client machines will have to have ipa un-installed and resetting users passwords are not biggees I'd just not rather have to input all the groups and hbac rules by hand.
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120816/b46c75c1/attachment.sig>
More information about the Freeipa-users
mailing list