Resolved seems to be working (I swear restarting sssd and adding the debug line 
does some magic), the sssd performance blog worked out quite well.

I did not need to make any changes to my trust relationship, re-running the ad 
trust setup steps and restarting sssd did the trick.

Thank You!

----- Original Message -----
From: "Jakub Hrozek" <jhro...@redhat.com>
To: "Jake" <free...@jacobdevans.com>
Cc: freeipa-users@redhat.com
Sent: Thursday, August 4, 2016 3:48:14 AM
Subject: Re: [Freeipa-users] Login Troubles with Centos7 and external users 

On Wed, Aug 03, 2016 at 08:38:00PM -0400, Jake wrote:
> Thanks Jakub,
> turns out 'getent password usern...@legacy.example.org' only works on 1 of 
> the 4 ipa servers (the one I created the domain trust with).

OK, then we need to first fix all the servers before proceeding to the

> I re-ran ipa-adtrust-install on them and no change, is there a similar post I 
> can follow to correct these & retrace my steps or does the trust need 
> configured on each.

For IPA:

I would personally start with looking into the SSSD logs on the server
that is misbehaving.

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to