Am Fri, May 14, 2021 at 04:03:11PM - schrieb iulian roman via FreeIPA-users:
> I think the very strange behaviour was due to the fact that I did not
> have a name for the gid in AD . As a workaround, I removed the gid
> from override (and let IPA generate one) . The interesting part was
>
I think the very strange behaviour was due to the fact that I did not have a
name for the gid in AD . As a workaround, I removed the gid from override (and
let IPA generate one) . The interesting part was that getent did assign the
username to the respective gid (therefore both getent group
Am Wed, May 12, 2021 at 11:25:38AM - schrieb iulian roman via FreeIPA-users:
> > Am Wed, May 12, 2021 at 06:46:29AM - schrieb iulian roman via
> > FreeIPA-users:
> >
> > Hi,
> >
> > did you use the IPA 'unix_users' group as primary group for those users
> > and given the GID of
> Am Wed, May 12, 2021 at 06:46:29AM - schrieb iulian roman via
> FreeIPA-users:
>
> Hi,
>
> did you use the IPA 'unix_users' group as primary group for those users
> and given the GID of 'unix_users' in the id-overrides for the users? Or
> did you you a different group as primary group?
>
Am Wed, May 12, 2021 at 06:46:29AM - schrieb iulian roman via FreeIPA-users:
> > Am Tue, May 11, 2021 at 03:09:54PM - schrieb iulian roman via
> > FreeIPA-users:
> >
> > Hi,
> >
> > can you give some more details about the group, where it comes from IPA
> > or AD, and the GID, it is the
> Am Tue, May 11, 2021 at 03:09:54PM - schrieb iulian roman via
> FreeIPA-users:
>
> Hi,
>
> can you give some more details about the group, where it comes from IPA
> or AD, and the GID, it is the original GID of the group or coming from
> an id-override as well?
>
Hi,
There is trust
Am Tue, May 11, 2021 at 03:09:54PM - schrieb iulian roman via FreeIPA-users:
> That was a good hint ! Actually it does return the gid when I run
> getent group . And after I run the getent group
> on the client side, I can run as well id .
Hi,
can you give some more details about the
Hi,
There is indeed a mapping of ad groups to IdM posix groups.
On Tuesday, May 11, 2021, 5:31 PM, John Desantis wrote:
Iulian,
> So, only after I run getent group on the ipa clients I can list
> the user attributes.
This sounds somewhat similar to behavior I ran into initially in our
Iulian,
> So, only after I run getent group on the ipa clients I can list
> the user attributes.
This sounds somewhat similar to behavior I ran into initially in our
development deployment. For the users that aren't immediately able to
be resolved on the clients, are they mapped to any IdM
That was a good hint ! Actually it does return the gid when I run getent group
. And after I run the getent group on the client
side, I can run as well id . So, only after I run getent group
on the ipa clients I can list the user attributes.
Any idea what needs to be changed in order to
Am Tue, May 11, 2021 at 02:28:49PM - schrieb iulian roman via FreeIPA-users:
> Hello everybody,
>
> I try to override some uid and gid for AD users in Idm (I added all
> users for which I need to override attributes in Default Trust View)
> and although everything works properly on both IdM
11 matches
Mail list logo