Still trying to figure out why my AD users in various trusted forests can be resolved and "su - <username>" but password checks via SSH logins fail.


In the mean time I'm wondering if I should consider upgrading before I go much further into the troubleshooting tunnel. It really does seem like there has been a ton of action in the codebase specifically relating to AD trusts. Maybe I should upgrade first and then keep troubleshooting on the updated software. We are not yet in production.

We have a standard CentOS 7 server running this software set:

ipa-server-4.2.0-15.0.1.el7.centos.19.x86_64
ipa-server-dns-4.2.0-15.0.1.el7.centos.19.x86_64
python-iniparse-0.4-9.el7.noarch
sssd-ipa-1.13.0-40.el7_2.12.x86_64
ipa-python-4.2.0-15.0.1.el7.centos.19.x86_64
ipa-client-4.2.0-15.0.1.el7.centos.19.x86_64
ipa-admintools-4.2.0-15.0.1.el7.centos.19.x86_64
ipa-server-trust-ad-4.2.0-15.0.1.el7.centos.19.x86_64
python-libipa_hbac-1.13.0-40.el7_2.12.x86_64
libipa_hbac-1.13.0-40.el7_2.12.x86_64

Would people generally recommend stepping up to the stable 4.3 release on CentOS 7? If so are there any repositories that would be a good source for grabbing RPMs? Is 4.4 still not being recommended for production use?

Thanks!

Chris


--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
  • ... List dedicated to discussions about use, configuration and deployment of the IPA server.
    • ... List dedicated to discussions about use, configuration and deployment of the IPA server.
      • ... List dedicated to discussions about use, configuration and deployment of the IPA server.
        • ... List dedicated to discussions about use, configuration and deployment of the IPA server.

Reply via email to