On Mon, 11 Jan 2016, Prasun Gera wrote:
I upgraded ipa to 4.2 on my rhel 7.2 servers a few weeks ago. One of the
users reported that he is not able to log in to certain systems any more.
It turns out that there is some change in behaviour w.r.t NIS clients after
this upgrade. I see that his username is not visible in "ypcat passwd" on
the old clients that are using NIS. This user was added natively through
ipa. The old users that were migrated from NIS still work as expected on
the NIS clients. I can also confirm that if I add a new user now in ipa, it
is not visible in NIS maps. Until we phase out the NIS clients completely,
I would like all users to be able to log into them. This used to be the
case, but a recent update seems to have changed that. I don't know if this
is intentional. How do i revert to the old behaviour ?
Do you see all the maps configured?
# ldapsearch -LLL -H $(cat /etc/ipa/default.conf | grep ldap_uri|cut -d= -f2)
-b cn=config '(nis-domain=*)' dn CreateTimestamp ModifyTimestamp
We have a bug in the upgrade script that was fixed this morning
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project