well I'll try them now, my sssd config only consists of these lines added to 
the sudo area 

sudo_provider = ldap
ldap_uri = ldap://myipaserver.example.com
ldap_sudo_search_base = ou=sudoers,dc=example,dc=com
ldap_sasl_mech = GSSAPI
ldap_sasl_authid = host/myipaserver.example.com
ldap_sasl_realm = EXAMPLE.COM
krb_server = myipaserver.example.com

plus another question why is it that when I invoke the kinit admin command for 
the kerberos I couldnt access the web UI and keeps asking me to configure my 
web browser ( firefox) though I've already configured it many times.. 


On Monday, November 10, 2014 8:41 PM, Jakub Hrozek <jhro...@redhat.com> wrote:

On Mon, Nov 10, 2014 at 12:56:00PM +0100, Martin Kosek wrote:

> On 11/10/2014 02:05 AM, Rolf Nufable wrote:
> > Hello 
> > 
> > I have tons of questions on why free ipa wont't work on my network , I've 
> > been using fedora 20 as the os for the server and client free ipa .
> > 
> > I deployed freeipa 4.0.3 at the server side and freeipa 4.1.0 for the 
> > client side using 2 VM's at first it was okay, got it connected and used 
> > ldap to pass sudo for the client side, but when I finally deployed it in 
> > our real network consisting of an esxi server and one work station having 
> > the same versions of free ipa for server and client, the error that I'm 
> > getting is that " the user does not exist " when I invoked the " su - ( 
> > user ) " command, so My question is how can I solve this problem?? I've 
> > been at it for 3 weeks now ..
> I assume this is on Fedora 20, running from the mkosek/freeipa Copr repo. I
> assume this is a problem in SSSD client part, if the user cannot be found.
> CCing Lukas and Jakub to advise.

Sorry, I skipped this thread b/c the subject didn't look like it was

I think we need to examine SSSD logs...
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to