Dmitri Pal wrote:

1) I confirmed that capitalization in the host name makes things not work.
I had a VM wit ha capital letter in the name.
Everything installed fine but then "ipa" command did not work and the
httpd error log was complaining that the host principal was not found.
I uninstalled, changed the name and installed again - the server worked
I think we should fix the ticket or at least do it in release notes.

Yes, we'll need to scope it to see if we can fix it soon.

2) I noticed that the memberOf plugin use changed in IPA. It now lists
only direct members and indirect members are stored in the other
attribute. Is IPA back end of the SSSD aware of that?

It just appears that way in the framework. Internally they are all still memberOf.

3) Admin is not a part of the ipausers group is this intentional?

Yes, admin is a special user.

4) There is an argument to make a group a posix group: --posix but  the
group is already a posix group if created by ipa group-add.
Questions: how to create a non-posix group? How to make a posix group

It must be created as non-posix at creation time wth the flag --nonposix.

You can't go back. Once a group is posix the only option is to remove it and re-create it.


Freeipa-devel mailing list

Reply via email to