Our setup is really close to this how-to: http://www.freeipa.org/page/HowTo/Setup_FreeIPA_Services_for_Mac_OS_X_10.12
Just a little different because this didn't exist when we did the configuration. But even if you follow that, users on Mac are not getting IPA groups and without correct groups, ALCs are not working for those workstations. Luiz On 07/25/2017 10:36 AM, Grant Janssen wrote: Luiz Oh yes, I had this problem. But getting functionality on OS-X was not a simple matter. Do you have documentation on how you got there? - grant On Jul 24, 2017, at 14:16, Luiz Garrido ALKEMY X via FreeIPA-users <freeipa-users@lists.fedorahosted.org><mailto:freeipa-users@lists.fedorahosted.org> wrote: Hi, We have an environment with mixed OSX and CentOS computers and IPA is working great for almost everything. The only problem that we have (besides the known ones) is that the IPA user logged to an OSX computer is not getting group information. Logged to a CentOS, the `id` command shows all the groups assigned to the user but running the same command on an OSX under the same user, the groups are different, mainly Apple groups and not our IPA groups. Does anyone had this problem? So, because of this, ACL permissions on our NFS server is not working for OSX machines, but are working great for CentOS ones. Thanks! Luiz Garrido This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed.
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org