[SSSD-users] Re: [Freeipa-users] nss_getpwnam: name 't...@my.dom@localdomain' does not map into domain 'nix.my.dom'

2018-03-14 Thread TomK
On 3/12/2018 11:25 AM, Rob Crittenden wrote: TomK wrote: On 3/7/2018 1:11 PM, Rob Crittenden wrote: Hey Rob, When starting idmapd or stopping it, logs on the LDAP server don't change.  But UID and GID's change to nfsnobody when I set Nobody-User and Nobody-Group to nfsnobody in

[SSSD-users] Re: Multiple logins by the same user at the same host at nearly the exact time

2018-03-14 Thread Jim Richard
ok, pretty sure this is selinux related or sssd/pam handling of selinux related. If I put selinux_provider = none in my sssd.conf, problem goes away AND my slow logins since the latest sssd version for CentOS was pushed problem goes away as well. We have SELinux status: disabled

[SSSD-users] Re: SSSD and Firewalls

2018-03-14 Thread Galen Johnson
You can always sniff the network between the client and servers to see which ports traffic is going over. Wireshark can do this or your firewall admin may be able to grab a trace. It's ugly, but it will tell you every port used (even ephemeral ones). =G= On Wed, Mar 14, 2018 at 4:34 PM, Roger

[SSSD-users] Re: [Freeipa-users] Auto create NFS home folders on IPA Server.

2018-03-14 Thread Charles Hedrick
or pam_mkhomedir. Or if using kerberized NFS, our pam_kmkhomedir. > On Feb 27, 2018, at 3:40 AM, Alexander Bokovoy via FreeIPA-users > wrote: > > On Tue, 27 Feb 2018, TomK via FreeIPA-users wrote: >> On 2/26/2018 1:27 AM, Alexander Bokovoy via

[SSSD-users] Re: SSSD and Firewalls

2018-03-14 Thread Roger Mårtensson
Hi! On 2018-03-14 at 18:26, Simo Sorce wrote: On Wed, 2018-03-14 at 18:01 +0100, Roger Mårtensson wrote: Hello! Got tasked to look at firewall rules and am now wondering if there is a document anywhere that describes the ports and protocols used by SSSD? My list currently consists of: 53

[SSSD-users] Re: Experiencing a bug on users' name and ID

2018-03-14 Thread Asif Iqbal
On Tue, Mar 13, 2018 at 3:24 AM, Sumit Bose wrote: > On Mon, Mar 12, 2018 at 03:05:43PM -0400, Asif Iqbal wrote: > > On Mon, Mar 12, 2018 at 11:04 AM, Asif Iqbal wrote: > > > > > > > > > > > On Mon, Mar 12, 2018 at 5:59 AM, Sumit Bose

[SSSD-users] Re: Multiple logins by the same user at the same host at nearly the exact time

2018-03-14 Thread Jim Richard
Thanks. I deployed a clean/new Fedora 27 minimal, installed ipa-client/sssd, we have sssd version 1.16.0-6.fc27 on that virtual machine now, and then enrolled the host in our FreeIPA. Then I did a: service sssd stop ; rm -rvf /var/lib/sss/db/* ; rm -rvf /var/lib/sss/mc/* ; rm -rvf

[SSSD-users] Re: SSSD and Firewalls

2018-03-14 Thread Lukas Slebodnik
On (14/03/18 18:01), Roger Mårtensson wrote: >Hello! > >Got tasked to look at firewall rules and am now wondering if there is a >document anywhere that describes the ports and protocols used by SSSD? > >My list currently consists of: 53 (udp/tcp), 88 (udp), 389 (tcp), 636 (tcp) >and 3268 (tcp) and

[SSSD-users] SSSD and Firewalls

2018-03-14 Thread Roger Mårtensson
Hello! Got tasked to look at firewall rules and am now wondering if there is a document anywhere that describes the ports and protocols used by SSSD? My list currently consists of: 53 (udp/tcp), 88 (udp), 389 (tcp), 636 (tcp) and 3268 (tcp) and 3269 (tcp) If I search on "Windows Client" and

[SSSD-users] SSSD strangeness

2018-03-14 Thread simonc99
Hi All We've got SSSD 1.13.0 installed as part of a CentOS 7.2.1511 installation. We've used realmd to join the host concerned to our 2008R2 AD system. This went really well, and consequently we've been using SSSD to provide login services and Kerberos integration for our fairly large Hadoop

[SSSD-users] Re: [Freeipa-users] Re: Re: Auto create NFS home folders on IPA Server.

2018-03-14 Thread Charles Hedrick
I noted before that we have a Kerberized mkhomedir. There’s a pam module, pam_kmkhomedir. It does a kerberized call to a service on the NFS server or some other system that has the file system mounted in a way that it can create directories. We did this because we use Kerberized NFS. Root can’t