On Tue, Oct 14, 2014 at 12:34:09PM +0500, Orkhan Gasimov wrote:
> With help from Alexander Bokovoy I found correct log destinations:
> sssd-nss-log: https://cloud.mail.ru/public/ae41ae3b44b6%2Fsssd_nss.log
> These files are from my second Fedora - FreeBSD setup, they have different
> domain name, but everything else is identical.
> Interestingly enough, there are lines in sssd_nss.log telling that there are
> no users or groups in the domain. But as I said, I can ssh to the IPA server
> as an IPA user.
Thanks for the logs. What were their actual locations?
I'm going to try and reproduce your setup and see whether I get the
same outcome. I have been building and installing the ports as
indicated in the forum post, and one thing I have noticed is that
there are a lot of configuration options on some of the important
ports - perhaps there was an important option that the author forgot
It is the end of the day for me, but sssd is now installed so I
should let you know tomorrow whether I am running into the same
issues as you, or whether I find success.
(As a side node: once I get to a working setup I will create and
publish a pkg(8) repo with the needed ports built with the correct
options and make.conf variables. This should make it easier and
certainly quicker to use FreeBSD as a FreeIPA client.)
> 14-Oct-14 00:32, Lukas Slebodnik пишет:
> >On (13/10/14 20:33), Jakub Hrozek wrote:
> >>On Mon, Oct 13, 2014 at 10:10:12PM +0400, Орхан Касумов wrote:
> >>> Good day to everybody.
> >>>There`s a post on how to make a FreeBSD client work with a FreeIPA server:
> >>> https://forums.freebsd.org/viewtopic.php?f=39&t=46526&p=260146#p260146
> >>>For some reason the instructions in that post don`t lead to a working
> >>>Getent passwd/group return no data from the IPA server, although
> >>>ldapsearch works fine.
> >>>I followed the instructions exactly (+ configured ldap.conf & started
> >>>sssd) and didn`t get errors anywhere, all steps completed successfully.
> >>>My setup: 2 VMs, one is the FreeIPA server (on Fedora 20), the other is a
> >>>FreeBSD client (on FreeBSD 10.0).
> >>>IPA server is configured as written in the IPA Quick Start Quide, it has
> >>>no integrated DNS server.
> >>>Both VMs have identical /etc/hosts file:
> >>>::1 localhost
> >>>127.0.0.1 localhost
> >>>192.168.1.10 ipa1.mydomain.com ipa1
> >>>192.168.1.30 bsd1.mydomain.com bsd1
> >>>Seems like some instructions in etc/nsswitch.conf file, like "group: files
> >>>sss" and "passwd: files sss" have no effect.
> >>>Does anybody tried this setup, what could be wrong with it?
> >>>I can provide outputs of any commands if necessary.
> >>>If I shouldn`t have asked this question here, please advise me where to
> >>>Any hint on what to do will be highly appreciated!
> >>I think SSSD logs would be the best start..
> >>Put debug_level=7 into the [domain] section, restart SSSD and then check
> >>out /var/log/sssd/*.log
> >"debug_level = 7" can be put into "nss" section as well.
> >Could you share your sssd configuration file /usr/local/etc/sssd.conf?
> Manage your subscription for the Freeipa-users mailing list:
> Go To http://freeipa.org for more info on the project
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project