[Freeipa-users] sssd client cache timer and merging IPA domains
Lucas Yamanishi
lyamanishi at sesda2.com
Fri Aug 17 16:07:29 UTC 2012
On 08/17/2012 08:38 AM, Rob Crittenden wrote:
> Lucas Yamanishi wrote:
>>
>> On 08/16/2012 05:39 PM, Rob Crittenden wrote:
>>> Lucas Yamanishi wrote:
>>>>
>>>> On 08/16/2012 05:32 PM, Rob Crittenden wrote:
>>>>> Lucas Yamanishi wrote:
>>>>>> I just migrated my IPA instance from one to another a couple days
>>>>>> ago to
>>>>>> recover after a lost CA and failed yum upgrade. The "ipa migrate-ds"
>>>>>> tool works very well, though I am having a few very minor issues. On
>>>>>> the upside, as far as I can tell, you can skip the steps about
>>>>>> Kerberos
>>>>>> key generation as outlined in the documentation. I've been able to
>>>>>> kinit just fine with my migrated users.
>>>>>>
>>>>>>
>>>>>> Below are the few errors I've noticed.
>>>>>>
>>>>>> * When I ssh into an enrolled host using a migrated user's
>>>>>> credentials I
>>>>>> get this error:
>>>>>>
>>>>>> id: cannot find name for group ID 104600003\
>>>>>
>>>>> Does a group exist with that GID? You can try something like:
>>>>>
>>>>> $ ipa group-find --gid=104600003
>>>>>
>>>>
>>>> The group doesn't exist. The GID is the counterpart to my UID.
>>>
>>> Try adding --private.
>>>
>>> rob
>>>
>>
>> Nope. It doesn't exist.
>>
>> Other groups migrated. Why would the private groups fail?
>
> I don't know, what have you done to date, including versions?
>
> rob
I've been following the stable Scientific Linux releases since 6.1.
Based on repo archives, I guess that would be 2.0.0-23.el6.x86_64. The
version was at 2.2.0-16.el6.x86_64 when I migrated, which I had just
upgraded from 2.1.3-9.el6.x86_64. I migrated to and use now
2.2.0-16.el6.x86_64.
So...
2.0.0-23.el6.x86_64 -> 2.1.3-9.el6.x86_64 -> 2.2.0-16.el6.x86_64 ---->
2.2.0-16.el6.x86_64
--
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
7515 Mission Drive, Suite A100
Lanham, MD 20706 * 301-352-4646 * 0xE23F3D7A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120817/abb4ae17/attachment.sig>
More information about the Freeipa-users
mailing list