Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

From: freeipa-users-boun...@redhat.com <freeipa-users-boun...@redhat.com> on behalf of Alexander Bokovoy <aboko...@redhat.com> Sent: 21 September 2015 20:40 To: Gustavo Mateus Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] SSSD client (amazon

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

I used compat because that is what ipa-advise provided me. I did not pay attention to that part. And yes, that did the trick :) Thank you very much Gustavo On Sun, Sep 20, 2015 at 8:51 AM, Jakub Hrozek wrote: > On Sat, Sep 19, 2015 at 07:47:55PM +0300, Alexander Bokovoy

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Mon, Sep 21, 2015 at 10:40:07PM +0300, Alexander Bokovoy wrote: > At this point I'd suggest you to investigate yourself and contact Amazon > support for finding out exactly what is happening there. It would be nice if Amazon actually packaged all the functionality RHEL packages for several

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Mon, 21 Sep 2015, Jakub Hrozek wrote: On Mon, Sep 21, 2015 at 10:40:07PM +0300, Alexander Bokovoy wrote: At this point I'd suggest you to investigate yourself and contact Amazon support for finding out exactly what is happening there. It would be nice if Amazon actually packaged all the

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Mon, 21 Sep 2015, Gustavo Mateus wrote: Hi Alexander, Thank you very much for your help. Would it be possible for you to point me in the right direction on how to integrate this with sudo rules? Please don't send emails personally unless asked to do that. Your problem can be tracked with

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Sat, Sep 19, 2015 at 06:32:40AM -0700, Gustavo Mateus wrote: > I've already included that in the IPA permissions. > Anonymous access to ipaSshPubKey is marked as public already. Read and > Search is allowed. as your ldapsearch proved, it's still not working. If you search the server logs, you

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Sat, Sep 19, 2015 at 07:47:55PM +0300, Alexander Bokovoy wrote: > On Sat, 19 Sep 2015, Jakub Hrozek wrote: > > > >>On 18 Sep 2015, at 19:17, Gustavo Mateus wrote: > >> > >>That only shows this: > >> > >># extended LDIF > >># > >># LDAPv3 > >># base

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

> On 18 Sep 2015, at 19:17, Gustavo Mateus wrote: > > That only shows this: > > # extended LDIF > # > # LDAPv3 > # base

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

I've already included that in the IPA permissions. Anonymous access to ipaSshPubKey is marked as public already. Read and Search is allowed. On Sat, Sep 19, 2015 at 4:36 AM, Jakub Hrozek wrote: > > > On 18 Sep 2015, at 19:17, Gustavo Mateus >

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Thu, Sep 17, 2015 at 10:33:41AM -0700, Gustavo Mateus wrote: > When I use id_provider=ipa I get: > > [sssd[be[default]]] [main] (0x0010): Could not initialize backend [2] Ah, I think they simply don't package the IPA backend. Time to file an RFE with Amazon? :-) > > > Adding a [ssh]

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

That only shows this: # extended LDIF # # LDAPv3 # base

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

On Wed, Sep 16, 2015 at 11:28:49AM -0700, Gustavo Mateus wrote: > Hi, > > I have an IPA server running on redhat and I'm trying find the best way to > get my amazon linux instances to use it for authentication, ssh key > management and sudo rules. > > I'm now trying to use SSSD to achieve those

Re: [Freeipa-users] SSSD client (amazon linux) + IPA server (Redhat)

When I use id_provider=ipa I get: [sssd[be[default]]] [main] (0x0010): Could not initialize backend [2] Adding a [ssh] section with just "debug_level = 10"on it, I get: (Thu Sep 17 17:27:12 2015) [sssd[ssh]] [get_client_cred] (0x4000): Client creds: euid[174221] egid[174221] pid[6295].