I have setup FreeIPA to use a domain like clients.ipa.example.com When starting SSSD now, it tries to find th ipaDomainResolutionOrder in [(&(cn=ipaConfig)(objectClass=ipaGuiConfig))][cn=etc,dc=clients,dc=ipa,dc=example,dc=com] at this DN, my LDAP Instance has no informations (no result).
So SSSD is refusing to work with: [sdap_get_generic_ext_step] (0x0400): [RID#1] calling ldap_search_ext with [(&(cn=ipaConfig)(objectClass=ipaGuiConfig))][cn=etc,dc=clients,dc=ipa,dc=example,dc=com]. [sdap_get_generic_ext_step] (0x1000): [RID#1] Requesting attrs: [ipaDomainResolutionOrder] [ipa_domain_resolution_order_done] (0x0040): [RID#1] Failed to get the domains' resolution order configuration from the server [22]: Wrong Argument I can sucessfully query the LDAP- Tree at [(&(cn=ipaConfig)(objectClass=ipaGuiConfig))][cn=etc,dc=penta-energy,dc=de] at the server neither cn=etc,dc=ipa,dc=penta-energy,dc=de nor cn=etc,dc=clients,dc=ipa,dc=example,dc=com is working. i setup freeipa-install with domain=clients.ipa.example.com what have i done wrong? Should LDAP deliver dc=clients,dc=ipa,dc=example,dc=com or is cn=etc,dc=penta-energy,dc=de right and SSSD is doing it wrong? Regard, Daniel -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
