Lucas Yamanishi wrote:
On 08/16/2012 05:32 PM, Rob Crittenden wrote:
Lucas Yamanishi wrote:
I just migrated my IPA instance from one to another a couple days ago to
recover after a lost CA and failed yum upgrade. The "ipa migrate-ds"
tool works very well, though I am having a few very minor issues. On
the upside, as far as I can tell, you can skip the steps about Kerberos
key generation as outlined in the documentation. I've been able to
kinit just fine with my migrated users.
Below are the few errors I've noticed.
* When I ssh into an enrolled host using a migrated user's credentials I
get this error:
id: cannot find name for group ID 104600003\
Does a group exist with that GID? You can try something like:
$ ipa group-find --gid=104600003
The group doesn't exist. The GID is the counterpart to my UID.
Try adding --private.
rob
* I see this error in my dirsrv-EXAMPLE/errors log after changing a
password:
[15/Aug/2012:12:38:24 -0400] ipapwd_setPasswordHistory - [file
ipapwd_common.c, line 926]: failed to generate new password history!
It is a red herring. The default is to have no password history, so we
don't generate any, then we complain that none was made! I actually have
a fix in my tree I plan to propose soon.
rob
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
NASA Space and Earth Science Data Analysis (606.9)
7515 Mission Drive, Suite A100
Lanham, MD 20706 * 301-352-4646 * 0xE23F3D7A
On 08/16/2012 05:00 PM, Steven Jones wrote:
Hi,
What is the default length of time the sssd daemon on a client caches
for once IPA is off line pls?
Is there any practical way to take the user info from one ipa
instance/domain and import it into another? I know the client
machines will have to have ipa un-installed and resetting users
passwords are not biggees I'd just not rather have to input all the
groups and hbac rules by hand.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
