----- Original Message -----
> Steven Jones wrote:
> > Ok,
> > However I cant LDAP/Ipa authenticate still....on either
> > client..........
> > So what next?
> sssd handles logins, you can try turning up the log level on that
> (though I suspect it wasn't the reboot that fixed this but restarting
If sssd was never used before then what was needed was a restart of the
services using it (sshd, gdm), as nsswitch.conf is never re-read by glibc, you
can't use the new users until those services are restarted after nsswitch.conf
I think we also offer to restart the client after ipa-client-install exactly as
a way to restart all services that may depend on picking up this change. That
reboot is not necessary if you manually restart all services after that, but if
you don't than you better do a reboot as we suggest.
> As part of ipa-client-install sssd is restarted and tested via 'getent
> passwd admin'. This should be visible in
> Did this command succeed?
Even if this succeed, authentication via gdm or ssh can still fail until the
services are restarted.
Just pointing out this fact as a help point for other users testing
ipa-client-install in future.
Simo Sorce * Red Hat, Inc. * New York
Freeipa-users mailing list