On 08/16/2012 05:32 PM, Rob Crittenden wrote: > Lucas Yamanishi wrote: >> I just migrated my IPA instance from one to another a couple days ago to >> recover after a lost CA and failed yum upgrade. The "ipa migrate-ds" >> tool works very well, though I am having a few very minor issues. On >> the upside, as far as I can tell, you can skip the steps about Kerberos >> key generation as outlined in the documentation. I've been able to >> kinit just fine with my migrated users. >> >> >> Below are the few errors I've noticed. >> >> * When I ssh into an enrolled host using a migrated user's credentials I >> get this error: >> >> id: cannot find name for group ID 104600003\ > > Does a group exist with that GID? You can try something like: > > $ ipa group-find --gid=104600003 >
The group doesn't exist. The GID is the counterpart to my UID. >> >> * I see this error in my dirsrv-EXAMPLE/errors log after changing a >> password: >> >> [15/Aug/2012:12:38:24 -0400] ipapwd_setPasswordHistory - [file >> ipapwd_common.c, line 926]: failed to generate new password history! > > It is a red herring. The default is to have no password history, so we > don't generate any, then we complain that none was made! I actually have > a fix in my tree I plan to propose soon. > > rob > >> >> >> ----- >> *question everything*learn something*answer nothing* >> ------------ >> Lucas Yamanishi >> ------------------ >> Systems Administrator, ADNET Systems, Inc. >> NASA Space and Earth Science Data Analysis (606.9) >> 7515 Mission Drive, Suite A100 >> Lanham, MD 20706 * 301-352-4646 * 0xE23F3D7A >> >> On 08/16/2012 05:00 PM, Steven Jones wrote: >>> Hi, >>> >>> What is the default length of time the sssd daemon on a client caches >>> for once IPA is off line pls? >>> >>> Is there any practical way to take the user info from one ipa >>> instance/domain and import it into another? I know the client >>> machines will have to have ipa un-installed and resetting users >>> passwords are not biggees I'd just not rather have to input all the >>> groups and hbac rules by hand. >>> >>> regards >>> >>> Steven Jones >>> >>> Technical Specialist - Linux RHCE >>> >>> Victoria University, Wellington, NZ >>> >>> 0064 4 463 6272 >>> >>> _______________________________________________ >>> Freeipa-users mailing list >>> Freeipa-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/freeipa-users >>> >> >> >> >> _______________________________________________ >> Freeipa-users mailing list >> Freeipa-users@redhat.com >> https://www.redhat.com/mailman/listinfo/freeipa-users >> > > -- ----- *question everything*learn something*answer nothing* ------------ Lucas Yamanishi ------------------ Systems Administrator, ADNET Systems, Inc. 7515 Mission Drive, Suite A100 Lanham, MD 20706 * 301-352-4646 * 0xE23F3D7A
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users