[Freeipa-users] Why "w" does not list AD users

2017-08-16 Thread Supratik Goswami via FreeIPA-users
I have configured trust between AD and IPA and Linux machines are member of IPA domain. When I log into any of the Linux machine and type "w" it does not list the user AD user with which I just logged in. Is this a expected behaviour or am I missing something? -- Warm Regards Supratik

[Freeipa-users] Re: ID view is not overriding user attributes

2017-08-09 Thread Supratik Goswami via FreeIPA-users
< freeipa-users@lists.fedorahosted.org> wrote: > > On 9 Aug 2017, at 16:02, Supratik Goswami via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wrote: > > (Wed Aug 9 13:58:13 2017) [sssd[be[ipa.corp. > <http://ipa.corp.example.com/>example <ht

[Freeipa-users] ID view is not overriding user attributes

2017-08-08 Thread Supratik Goswami via FreeIPA-users
Hello everyone, I have a trust setup between AD and IPA, I have created a user in the "Default Trust View" and updated the ssh public keys for that user. When I am trying to login to any Linux system using the ad user it is not able to find the keys. Here is the sshd debug log. Aug 9 03:04:01

[Freeipa-users] Re: ID view is not overriding user attributes

2017-08-08 Thread Supratik Goswami via FreeIPA-users
(Wed Aug 9 04:20:14 2017) [sssd[be[ipa.corp.example.com]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(objectClass=ipaUserOverride)(uid=supratik.goswami))][cn=Default Trust View,cn=views,cn=accounts,dc=ipa,dc=corp,dc=example,dc=com] What I could see here is that it is

[Freeipa-users] Re: ID view is not overriding user attributes

2017-08-09 Thread Supratik Goswami via FreeIPA-users
Can someone please help me to figure out the issue? Please let me know if any other information is required On Wed, Aug 9, 2017 at 9:54 AM, Supratik Goswami wrote: > (Wed Aug 9 04:20:14 2017) [sssd[be[ipa.corp.example.com]]] > [sdap_get_generic_ext_step] (0x0400):

[Freeipa-users] Re: Unable to SSH into Linux machine using AD user

2017-08-08 Thread Supratik Goswami via FreeIPA-users
l status sssd) >> >> On 7 Aug 2017, at 08:37, Supratik Goswami <supratiksek...@gmail.com> >> wrote: >> >> Hi Jakub >> >> /tmp directory has permission >> >> drwxrwxrwt 7 root root 4096 Aug 7 05:46 /tmp >> >> On Mon, Aug 7, 2017 at 1

[Freeipa-users] Re: ID view is not overriding user attributes

2017-08-09 Thread Supratik Goswami via FreeIPA-users
sers < freeipa-users@lists.fedorahosted.org> wrote: > > On 9 Aug 2017, at 14:37, Supratik Goswami via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wrote: > > Can someone please help me to figure out the issue? > > Please let me know if any other information i

[Freeipa-users] Re: Unable to SSH into Linux machine using AD user

2017-08-07 Thread Supratik Goswami via FreeIPA-users
tiksek...@gmail.com> > wrote: > > Hi Jakub > > /tmp directory has permission > > drwxrwxrwt 7 root root 4096 Aug 7 05:46 /tmp > > On Mon, Aug 7, 2017 at 11:57 AM, Jakub Hrozek <jhro...@redhat.com> wrote: > >> >> > On 7 Aug 2017, at

[Freeipa-users] Re: Unable to SSH into Linux machine using AD user

2017-08-07 Thread Supratik Goswami via FreeIPA-users
Hi Jakub /tmp directory has permission drwxrwxrwt 7 root root 4096 Aug 7 05:46 /tmp On Mon, Aug 7, 2017 at 11:57 AM, Jakub Hrozek <jhro...@redhat.com> wrote: > > > On 7 Aug 2017, at 07:38, Supratik Goswami via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wro

[Freeipa-users] Unable to SSH into Linux machine using AD user

2017-08-06 Thread Supratik Goswami via FreeIPA-users
Hi I am using trust between AD and IPA AD domain: ad.corp.example.com IPA domain: ipa.corp.example.com I am able to login using SSH to the IPA server using the AD user, when I am trying to login using SSH to the Linux client which is a member of the IPA domain it does not work. Please find my

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
01:04:05PM +0530, Supratik Goswami via > FreeIPA-users wrote: > > I have configured trust between AD and IPA and Linux machines are member > of > > IPA domain. > > When I log into any of the Linux machine and type "w" it does not list > the > > use

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-23 Thread Supratik Goswami via FreeIPA-users
ery_domain = ipadomain.com > > > > > > > > entry_cache_timeout = 60 > > > > [pam] > > > > > > > > [sudo] > > > > > > > > [autofs] > > > > > > > > [ssh] > > > > > > > > [pa

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
> > What do you mean by user ID? The numeric UID? How do you invoke ps? Yes, numeric UID. When I type "ps aux" I get the following output 1759001108 2375 0.0 0.4 146900 4084 ?S08:55 0:00 sshd: testu...@addomain.com@pts/0 1759001108 2376 0.0 0.3 127800 3536 pts/0Ss 08:55

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
t; > freeipa-users@lists.fedorahosted.org> wrote: > >> On Fri, Aug 18, 2017 at 07:13:13PM +0530, Supratik Goswami via >> FreeIPA-users wrote: >> > When executed in the server I get the below logs >> > >> > (Fri Aug 18 08:18:26 2017) [sssd[nss]] [orderly_shutdown] (0x00

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
gt; > > > entry_cache_timeout = 60 > > [pam] > > > > [sudo] > > > > [autofs] > > > > [ssh] > > > > [pac] > > > > [ifp] > > > > On Fri, Aug 18, 2017 at 7:28 PM, Supratik Goswami < > supratiksek...@gmail.com> &g

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
On Fri, Aug 18, 2017 at 7:20 PM, Jakub Hrozek via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > On Fri, Aug 18, 2017 at 07:13:13PM +0530, Supratik Goswami via > FreeIPA-users wrote: > > When executed in the server I get the below logs > > > > (Fri A

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
When executed in the server I get the below logs (Fri Aug 18 08:18:26 2017) [sssd[nss]] [orderly_shutdown] (0x0010): SIGTERM: killing children (Fri Aug 18 08:20:04 2017) [sssd[nss]] [orderly_shutdown] (0x0010): SIGTERM: killing children (Fri Aug 18 08:20:11 2017) [sssd[nss]] [orderly_shutdown]

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
In the IPA server I am getting in the below format suprati+ 4360 0.0 0.0 172676 2484 ?D08:20 0:00 sshd: supra...@addomain.com@pts/1 suprati+ 4361 0.0 0.0 125688 2092 pts/1Ss 08:20 0:00 -bash suprati+ 4383 0.0 0.0 161360 1828 pts/1R+ 08:20 0:00 ps aux On

[Freeipa-users] Re: Why "w" does not list AD users

2017-08-18 Thread Supratik Goswami via FreeIPA-users
In server the ps version is procps-ng version 3.3.10 In the other boxes ps version is procps version 3.2.8 On Fri, Aug 18, 2017 at 5:52 PM, Supratik Goswami wrote: > In the IPA server I am getting in the below format > > suprati+ 4360 0.0 0.0 172676 2484 ?

[Freeipa-users] Mapping IPA group to Linux system group

2017-10-04 Thread Supratik Goswami via FreeIPA-users
Hello All, Is there a way to map IPA group to a local Linux system group? For example I have a Linux group wheel and I want the IPA group ipawheel to be mapped such that when I add a user in the ipawheel group in the local system the user becomes a member of the wheel group in the Linux machine