On 08/19/2013 09:05 AM, Thomas Raehalme wrote: > Hi! > > We are in the process of deploying FreeIPA in our virtual environment. > So far things are working smoothly and I am really impressed by the > solution! > > One question has risen as we have added our first clients to the > system. Because the total number of clients is 50 and going up, we > have divided our servers to subdomains depending on the purpose of the > server, ie. test servers in one subdomain, internal services on > another and so on. There is, however, no need for each subdomain to > have its own IPA server. > > Let's say we're using domain example.com. Adding clients a.example.com > and b.example.com was smooth. Adding client a.sub1.example.com also > had no problems until I tried to get sudoers from the IPA server > (using SSSD and LDAP as suggested). The client fails to find any users > matching the server name. Because the only difference compared to a > fully functional server is the dot in the host name, that's probably > the reason why no sudoers are found for the server in the subdomain? > > For IPA master I am using CentOS 6.4 and > ipa-server-3.0.0-26.el6_4.4.x86_64. The clients are also CentOS 6.4 > with ipa-client-3.0.0-26.el6_4.4.x86_64. > > Any help is appreciated! Please let me know if providing any piece of > information helps. > > Best regards, > Thomas > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users
Was there any help provided for this request? -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users