Re: [Freeipa-users] How to config automembership for IP or subnet
On 10/14/2015 05:51 PM, zhiyong xue wrote: > Thanks Martin. > > This is the document link: > https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/automember.html > It says : Dividing hosts based on their IP address or subnet. Ah, I see. This is rather old and deprecated guide (see http://www.freeipa.org/page/Upstream_User_Guide for details), but this information is even in the newest guide: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/automember.html I am not sure how this should be practically achieved actually. Automember can only decide on information that is already in the entry in LDAP ADD, or later when Automembership task is explicitly re-run. I think we should simply change this use case as it is not true. I filed a ticket to fix the docs: https://bugzilla.redhat.com/show_bug.cgi?id=1272043 > After I installed ipa-client-install the host would be registered to server > automatically. I have many clients in two subnets ,it's impossible to add > description manually. I see. I suspect you would have to do some scripting around that, for example a cron job or any other job that would find the IP address of the new hosts, store the subnet or other identificator in FreeIPA host entry and run automembership for this entry. This would add the right membership, based on the rules. > > 2015-10-14 22:29 GMT+08:00 Martin Kosek : > >> On 10/14/2015 03:33 PM, zhiyong xue wrote: >>> The document said >> >> Hi, >> >> What document you have in mind? >> >>> we can create automembership rule based by IP or subnet. >>> But there's no any sample about it. Anyone know knows how to create them? >> >> If the information/attribute is not in the LDAP entry for the Host, >> Automember >> has no means of applying the rule and adding the membership. The only idea >> I >> have now is that you could create the Host entries before >> ipa-client-install is >> run, and manually set some attribute containing the subnet identification >> to >> description os Host Class attribute that Automember could consume. >> >>> I have two subnets and need to create two host groups for them. And all >>> host name were auto generated without any pattern. >>> >>> Thanks all. >>> >>> >>> >> >> > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] How to config automembership for IP or subnet
Thanks Martin. This is the document link: https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/automember.html It says : Dividing hosts based on their IP address or subnet. After I installed ipa-client-install the host would be registered to server automatically. I have many clients in two subnets ,it's impossible to add description manually. 2015-10-14 22:29 GMT+08:00 Martin Kosek : > On 10/14/2015 03:33 PM, zhiyong xue wrote: > > The document said > > Hi, > > What document you have in mind? > > > we can create automembership rule based by IP or subnet. > > But there's no any sample about it. Anyone know knows how to create them? > > If the information/attribute is not in the LDAP entry for the Host, > Automember > has no means of applying the rule and adding the membership. The only idea > I > have now is that you could create the Host entries before > ipa-client-install is > run, and manually set some attribute containing the subnet identification > to > description os Host Class attribute that Automember could consume. > > > I have two subnets and need to create two host groups for them. And all > > host name were auto generated without any pattern. > > > > Thanks all. > > > > > > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] How to config automembership for IP or subnet
On 10/14/2015 03:33 PM, zhiyong xue wrote: > The document said Hi, What document you have in mind? > we can create automembership rule based by IP or subnet. > But there's no any sample about it. Anyone know knows how to create them? If the information/attribute is not in the LDAP entry for the Host, Automember has no means of applying the rule and adding the membership. The only idea I have now is that you could create the Host entries before ipa-client-install is run, and manually set some attribute containing the subnet identification to description os Host Class attribute that Automember could consume. > I have two subnets and need to create two host groups for them. And all > host name were auto generated without any pattern. > > Thanks all. > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] How to config automembership for IP or subnet
The document said we can create automembership rule based by IP or subnet. But there's no any sample about it. Anyone know knows how to create them? I have two subnets and need to create two host groups for them. And all host name were auto generated without any pattern. Thanks all. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
