Just wanted to pass along an issue I just had. We have some legacy local users on some boxes, and we need to have a mix of those local users and IPA users in the same groups.
In order for that to happen (at least on AIX) I need to create a group in IPA with the GID of the local group. This can be a problem because the GID may be used by different groups on different boxes (we inherited this mess.) To organize this, I would create groups like this in IPA: host1-foogroup:208 host2-bargroup:208 host3-bazgroup:208 This worked, until I added a fourth group with the same GID. AIX stopped allowing members of 208 to connect to any hosts. I was forced to move them all into a single group and abandon my attempts at organization. This was hard to find, but obvious in retrospect. -- The government is going to read our mail anyway, might as well make it tough for them. GPG Public key ID: B6A1A7C6
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
