I've been having difficulties connecting a freeipa-client on Ubuntu 16.06
LTS, to a Redhat IPA server that has a trusted connection to Microsoft AD
Ssh authentications are pretty slow, however, once I do get on, I find sudo
commands often do not work for several minutes saying I am not in the "not
in the sudoers file.". This is even though, I am in the same group on the
access.conf file and a sudoers file.
I think the initial slowness is due to the fact that our AD system has lots
of groups and I am part of many large groups with many users. I've been
checking the sssd cache file, and I can see that ssh authentication does
not even start until almost all groups I am a member of have been added to
the cache. However, that does not explain why sudo is being delayed as the
groups are already cached.
Has anyone got any advice about setting up a freeipa-client on Ubuntu to
connect to a Redhat IPA server?
Has anyone else experienced difficulties with sudo commands?
Group membership not listing all the groups a person is a member off all
DISTRIB_DESCRIPTION="Ubuntu 16.04.3 LTS"
# dpkg --list | grep freeipa
4.3.1-0ubuntu1 amd64 FreeIPA centralized
identity framework -- client
4.3.1-0ubuntu1 all FreeIPA centralized
identity framework -- common files
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.4 (Maipo)
# rpm -qa | grep "ipa-"
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org