On Tue, Feb 18, 2014 at 01:11:38AM +0200, Genadi Postrilko wrote:
> Thank you for the help!
> I have preformed downgrade:
> 
> yum downgrade samba4*
> 
> [root@ipaserver1 ~]# rpm -qa | grep samb
> samba4-python-4.0.0-58.el6.rc4.x86_64
> samba4-winbind-4.0.0-58.el6.rc4.x86_64
> samba4-common-4.0.0-58.el6.rc4.x86_64
> samba4-winbind-clients-4.0.0-58.el6.rc4.x86_64
> samba4-libs-4.0.0-58.el6.rc4.x86_64
> samba4-client-4.0.0-58.el6.rc4.x86_64
> samba4-4.0.0-58.el6.rc4.x86_64
> 
> And it worked !
> 
> *I am now able to perform login via "ssh" and su on to the ipaserver with
> AD users:*
> 
> [root@ipaserver1 ~]# su gen...@adexample.com
> sh-4.1$
> 
> *and wbinfo and getent return values:*
> 
> [root@ipaserver1 ~]# wbinfo -u
> ADEXAMPLE\administrator
> ADEXAMPLE\guest
> ADEXAMPLE\genadi
> ADEXAMPLE\krbtgt
> ADEXAMPLE\linux$
> ADEXAMPLE\daniel
> 
> [root@ipaserver1 ~]# wbinfo -g
> admins
> editors
> default smb group
> ad_users
> ADEXAMPLE\domain computers
> ADEXAMPLE\domain controllers
> ADEXAMPLE\schema admins
> ADEXAMPLE\enterprise admins
> ADEXAMPLE\domain admins
> ADEXAMPLE\domain users
> ADEXAMPLE\domain guests
> ADEXAMPLE\group policy creator owners
> ADEXAMPLE\read-only domain controllers
> ADEXAMPLE\enterprise read-only domain controllers
> ADEXAMPLE\dnsupdateproxy
> 
> [root@ipaserver1 ~]# getent passwd gen...@adexample.com
> gen...@adexample.com:*:699001000:699001000::/home/adexample.com/genadi:

Thanks a lot for confirming that -58 is working on the FreeIPA server.

> 
> *After this success, i have tried to execute a login on client machine
> (using AD user), but it did not work:*
> 
> [root@ipaclient1 ~]# su gen...@adexample.com
> su: user gen...@adexample.com does not exist
> 
> *Also wbinfo and getent do not return value:*
> 
> [root@ipaclient1 ~]# wbinfo -u
> [root@ipaclient1 ~]# wbinfo -g
> [root@ipaclient1 ~]# getent passwd gen...@adexample.com

Winbind is not running on the IPA client. SSSD running on the IPA client
use a LDAP extended operation to get the basic data about AD users and
group. Please try to restart SSSD on the client. If this does not help,
please send me the client's SSSD log files.

bye,
Sumit

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to