On Tue, Oct 14, 2014 at 12:34:09PM +0500, Orkhan Gasimov wrote: > With help from Alexander Bokovoy I found correct log destinations: > > sssd-domain-log: > https://cloud.mail.ru/public/1e803a00989e%2Fsssd_eurosel.az.log > sssd-nss-log: https://cloud.mail.ru/public/ae41ae3b44b6%2Fsssd_nss.log > > These files are from my second Fedora - FreeBSD setup, they have different > domain name, but everything else is identical. > > Interestingly enough, there are lines in sssd_nss.log telling that there are > no users or groups in the domain. But as I said, I can ssh to the IPA server > as an IPA user. > Hi Orkhan,
Thanks for the logs. What were their actual locations? I'm going to try and reproduce your setup and see whether I get the same outcome. I have been building and installing the ports as indicated in the forum post, and one thing I have noticed is that there are a lot of configuration options on some of the important ports - perhaps there was an important option that the author forgot to mention. It is the end of the day for me, but sssd is now installed so I should let you know tomorrow whether I am running into the same issues as you, or whether I find success. (As a side node: once I get to a working setup I will create and publish a pkg(8) repo with the needed ports built with the correct options and make.conf variables. This should make it easier and certainly quicker to use FreeBSD as a FreeIPA client.) Cheers, Fraser > 14-Oct-14 00:32, Lukas Slebodnik пишет: > >On (13/10/14 20:33), Jakub Hrozek wrote: > >>On Mon, Oct 13, 2014 at 10:10:12PM +0400, Орхан Касумов wrote: > >>> Good day to everybody. > >>>There`s a post on how to make a FreeBSD client work with a FreeIPA server: > >>> https://forums.freebsd.org/viewtopic.php?f=39&t=46526&p=260146#p260146 > >>>For some reason the instructions in that post don`t lead to a working > >>>solution. > >>>Getent passwd/group return no data from the IPA server, although > >>>ldapsearch works fine. > >>>I followed the instructions exactly (+ configured ldap.conf & started > >>>sssd) and didn`t get errors anywhere, all steps completed successfully. > >>>My setup: 2 VMs, one is the FreeIPA server (on Fedora 20), the other is a > >>>FreeBSD client (on FreeBSD 10.0). > >>>IPA server is configured as written in the IPA Quick Start Quide, it has > >>>no integrated DNS server. > >>>Both VMs have identical /etc/hosts file: > >>> > >>>::1 localhost > >>>127.0.0.1 localhost > >>>192.168.1.10 ipa1.mydomain.com ipa1 > >>>192.168.1.30 bsd1.mydomain.com bsd1 > >>> > >>>Seems like some instructions in etc/nsswitch.conf file, like "group: files > >>>sss" and "passwd: files sss" have no effect. > >>>Does anybody tried this setup, what could be wrong with it? > >>>I can provide outputs of any commands if necessary. > >>>If I shouldn`t have asked this question here, please advise me where to > >>>ask. > >>>Any hint on what to do will be highly appreciated! > >>Hi, > >> > >>I think SSSD logs would be the best start.. > >> > >>Put debug_level=7 into the [domain] section, restart SSSD and then check > >>out /var/log/sssd/*.log > >> > >"debug_level = 7" can be put into "nss" section as well. > >Could you share your sssd configuration file /usr/local/etc/sssd.conf? > > > >LS > > > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go To http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project