On 08/19/2013 09:05 AM, Thomas Raehalme wrote:
> We are in the process of deploying FreeIPA in our virtual environment.
> So far things are working smoothly and I am really impressed by the
> One question has risen as we have added our first clients to the
> system. Because the total number of clients is 50 and going up, we
> have divided our servers to subdomains depending on the purpose of the
> server, ie. test servers in one subdomain, internal services on
> another and so on. There is, however, no need for each subdomain to
> have its own IPA server.
> Let's say we're using domain example.com. Adding clients a.example.com
> and b.example.com was smooth. Adding client a.sub1.example.com also
> had no problems until I tried to get sudoers from the IPA server
> (using SSSD and LDAP as suggested). The client fails to find any users
> matching the server name. Because the only difference compared to a
> fully functional server is the dot in the host name, that's probably
> the reason why no sudoers are found for the server in the subdomain?
> For IPA master I am using CentOS 6.4 and
> ipa-server-3.0.0-26.el6_4.4.x86_64. The clients are also CentOS 6.4
> with ipa-client-3.0.0-26.el6_4.4.x86_64.
> Any help is appreciated! Please let me know if providing any piece of
> information helps.
> Best regards,
> Freeipa-users mailing list
Was there any help provided for this request?
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-users mailing list