On (08/11/14 12:24), Diaulas Castro wrote:
>We have similar issue but on RHEL 6.6 (sssd 1.11), the problem is about
>enumerating groups.
Have you reported your problem?

I know just about one problem with IPA and sssd-1.11 (on RHEL 6.6)
The upstream bug is https://fedorahosted.org/sssd/ticket/2471

There is a workaround. You can change value of option ldap_group_object_class
in domain section to ipaUserGroup

ldap_group_object_class = ipaUserGroup

Could you confirm that you had the same problem?
Otherwise please report bug either to upstream trac or Red Had Bugzilla.

>Use the command "id some_group_that_user_belong" on affected client, logout
>and try logon again.
>Our issue was with sudo not working, but everything based on groups stopped
>to work too.
>For workaround (if this is your problem too)  edit sssd.con on domain
>enumarating = true
It would be better to fix it in sssd.


Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to