There is IPA provider, but no sssd_pac module.
[service_startup_handler] (0x0010): Could not exec /usr/lib/sssd/sssd_pac
--debug-to-files, reason: No such file or directory
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscr
I have the same error.
I established two-way trust with AD which went fine.
Authentication with Kerberos to AD is working.
Since I have one test FreeIPA which is working correctly (relatively) I
compared logs and pinpointed problem to strange LDAP search which is FreeIPA
sending to DC:
(&(sAMAcco
There is no gidNumber attribute on AD group objects. If I want to apply posix
attributes directly in AD, then I don't need FreeIPA, do I...
https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-idmu-is-deprecated-in-windows-server/
It is obvious that FreeIPA
I didn’t specify any ID range. This was all done automagically by setup. I read
a lot of documentation, and I can’t remember that ever been mentioned. We
indeed had NIS at some point, but this is not supported any more by MS, and
FreeIPA should not just presume that we have gidNumber on all acco
It looks like my problems with AD trust on server side went away when I
upgraded to FreeIPA 4.5 using Centos 7.4 packages, but unfortunately this is
only half of the way.
I have alot of SLES servers 11 and 12, but it looks like SSSD that comes with
SLES is not fully featured as RHEL or Centos.
sssd-krb5-common-1.11.5.1-14.1.x86_64
sssd-32bit-1.11.5.1-28.1.x86_64
sssd-ad-1.11.5.1-14.1.x86_64
sssd-ipa-1.11.5.1-14.1.x86_64
python-sssd-config-1.11.5.1-14.1.x86_64
sssd-1.11.5.1-14.1.x86_64
sssd-tools-1.11.5.1-14.1.x86_64
sssd-krb5-1.11.5.1-14.1.x86_64
sssd-ldap-1.11.5.1-14.1.x86_64
ipa-client
Can I use FreeIPA as Kerberos and LDAP provider (not as IPA) and still use
policies somehow?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Unfortunately, I cannot upgrade systems and packages as I want because of
legacy applications.
Is there somewhere information how would I approach to configure SSSD to use
FreeIPA as Kerberos and LDAP provider and for policies to work? I can only find
where access is enforced with LDAP filter in