Hi folks, I'm testing getting a samba server working against IPA.
Now, when adding a user via the interface, I get ============================================================ IPA Error 4205: ObjectclassViolation missing attribute "ipaNTSecurityIdentifier" required by object class "ipaNTUserAttrs" ### To get here, I did the following on the IPA server:: ipa service-add cifs/obscon4.hpctest.nrel.gov ipa privilege-add 'CIFS server privilege' ipa privilege-add-permission 'CIFS server privilege' --permission='CIFS server can read user passwords' ipa permission-add "CIFS server can read user passwords" --attrs={ipaNTHash,ipaNTSecurityIdentifier} --type=user --right={read,search,compare} --bindtype=permission ipa role-add 'CIFS server' ipa role-add-privilege 'CIFS server' --privilege='CIFS server privilege' ipa role-add-member 'CIFS server' --services=cifs/obscon4.hpctest.nrel.gov Then, I ran `ipa-adtrust-install`, and realized later that I need to append the `--add-sids` mojo. So, I re-ran that wiht the switch. I then added the 'ipantuserattrs' objectClass. I'm messing around with this in a test environment, so I can blow the IPA server away if I really have to. So, if there are tips on what you might see that I missed in the set up, or how I I might get IPA set up correctly, I'd appreciate it. Versions: RHEL: 7.2 IPA: VERSION: 4.2.0, API_VERSION: 2.156 Thanks, Kurt -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project