oops. Sent last email in HTML format which likely got stripped.
Resending
Hi folks,
Has anyone used FreeIPA or RHEL IDM to integrate an SGE cluster into a
complex active directory environment?
I've got an issue where the AD integration is working fine across a
pretty complex set of
Hi,
> Am 02.08.2017 um 01:00 schrieb Chris Dagdigian :
>
>
> oops. Sent last email in HTML format which likely got stripped. Resending
>
>
> Hi folks,
>
> Has anyone used FreeIPA or RHEL IDM to integrate an SGE cluster into a
> complex active directory environment?
>
> I've got an issu
Thanks Reuti!
I can't use the trick in that tip because we have more than one AD
domain to support and that "default_ad_domain_suffix=" setting only
works for one AD domain
The real solution is for us to wait for the next SSSD patch to come out
- they've added features that should allow uni
If you support multiple domains, are you able to guarantee unique short
names? It seems to me that could be a problem. If it is a case of multiple
AD domains, but all coming form the same entity, thus guaranteeing unique
short names, why not see if Services for UNIX is enabled in the domain, and
us
Yeah short names are guaranteed unique in my environment. The new patch
for SSSD allows one to define an AD domain search/preference order and I
think the implication there is that if a dupe shortname is detected it
will assume that the shortname belongs to the 1st domain listed in the
order
Do you have control over the RHEL IDM server? If so, it is pretty simple to
perform LDAP queries against IDM/IPA.
Ian
On Wed, Aug 2, 2017 at 8:21 AM, Chris Dagdigian wrote:
>
> Yeah short names are guaranteed unique in my environment. The new patch
> for SSSD allows one to define an AD domain