I correct that line.
But still same:
tevfik@Darktower ~ $ ssh [email protected]
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-24-generic x86_64)
* Documentation: https://help.ubuntu.com/
Last login: Mon Sep 1 13:47:08 2014 from 10.65.8.100
user1@clnt:~$ su - user1 apt-get install
Password:
/usr/bin/apt-get: /usr/bin/apt-get: cannot execute binary file
Does anyone have an article about ubuntu+ipa entegration?
On 01-09-2014 14:18, Alexander Bokovoy wrote:
On Mon, 01 Sep 2014, Tevfik Ceydeliler wrote:
I moved those lines. But still same.
As Jakub pointed out, following option also is wrong:
ldap=sasl_authid = host/cnlt2.ipa.grp
it should be
ldap_sasl_authid = host/cnlt2.ipa.grp
note _ instead of = between ldap and sasl.
On 01-09-2014 12:20, Alexander Bokovoy wrote:
On Mon, 01 Sep 2014, Tevfik Ceydeliler wrote:
libsss-sudo already installed.
Here is my sssd.conf:
[domain/ipa.grp]
krb5_realm = IPA.GRP
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = ipa.grp
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = clnt.ipa.grp
chpass_provider = ipa
ipa_dyndns_update = True
ipa_server = _srv_, srv.ipa.grp
ldap_tls_cacert = /etc/ipa/ca.crt
[sssd]
services = nss, pam, ssh, sudo
config_file_version = 2
domains = ipa.grp
The options below have to be in [domain/...] section:
ldap_sudo_search_base = ou=sudoers,ou=ipa,dc=grp
ldap_sasl_mech = GSSAPI
ldap=sasl_authid = host/cnlt2.ipa.grp
ldap_sasl_realm = IPA.GRP
ldap_netgroup_search_base = ou=SUDOers,dc=ipa,dc=grp
sudo_provider = ldap
ldap_uri = ldap://srv.ipa.grp
krb5_server = srv.ipa.grp
--
<br>
<img src="http://www.yasar.com.tr/banner/yhbanner.jpg";> </img>
<br><br>
Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki
dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu
Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal
sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya
kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve
mesaji sisteminizden siliniz.The information contained in this e-mail
and any files transmitted with it are intended solely for the use of
the individual or entity to whom they are addressed and Yasar Group
Companies do not accept legal responsibility for the contents. If you
are not the intended recipient, please immediately notify the sender
and delete it from your system.
--
<br>
<img src="http://www.yasar.com.tr/banner/yhbanner.jpg";> </img>
<br><br>
Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece
adres sahip/sahiplerine ait olup, Yasar Toplulugu Sirketleri bu mesajin icerigi
ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi
dusunulen kisi veya kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar
ediniz ve mesaji sisteminizden siliniz.The information contained in this e-mail
and any files transmitted with it are intended solely for the use of the
individual or entity to whom they are addressed and Yasar Group Companies do
not accept legal responsibility for the contents. If you are not the intended
recipient, please immediately notify the sender and delete it from your system.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
![http://www.yasar.com.tr/banner/yhbanner.jpg"](http://www.yasar.com.tr/banner/yhbanner.jpg"){kind=link}