[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

On pe, 03 heinä 2020, Vinícius Ferrão wrote: I guess as long as you are using fully qualified AD users/groups names on IPA masters, you don't need to remove the setting. Ok! Thank you. I’ll do some testing to see if the strange behaviour of getent will be solved removing the AD domain from def

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

> On 3 Jul 2020, at 05:50, Alexander Bokovoy wrote: > > On pe, 03 heinä 2020, Vinícius Ferrão wrote: >> As you can see randomuser1 wasn’t being detected, then it recognised after a >> full UPN query. >> >> I’m guessing it may be related with what you said about the default domain >> order. >

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

On pe, 03 heinä 2020, Vinícius Ferrão wrote: As you can see randomuser1 wasn’t being detected, then it recognised after a full UPN query. I’m guessing it may be related with what you said about the default domain order. Also I noticed this:

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

> On 3 Jul 2020, at 05:21, Alexander Bokovoy wrote: > > On pe, 03 heinä 2020, Vinícius Ferrão wrote: >> Hi again Alexander, >> >>On 3 Jul 2020, at 04:4

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

On pe, 03 heinä 2020, Vinícius Ferrão wrote: Hi again Alexander, On 3 Jul 2020, at 04:47, Alexander Bokovoy <[1]aboko...@redhat.com> wrote:

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

Hi again Alexander, On 3 Jul 2020, at 04:47, Alexander Bokovoy mailto:aboko...@redhat.com>> wrote: On pe, 03 heinä 2020, Vinícius Ferrão wrote: Hi Alexander, But is it ok to not being controller trust or trust agent? It’s a good idea to be a trust agent at least? How can I check both? 'trust a

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

On pe, 03 heinä 2020, Vinícius Ferrão wrote: Hi Alexander, But is it ok to not being controller trust or trust agent? It’s a good idea to be a trust agent at least? How can I check both? 'trust agent' is IPA server which resolves AD users and groups. So if you want your IPA clients to resolve

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

Hi Alexander, But is it ok to not being controller trust or trust agent? It’s a good idea to be a trust agent at least? How can I check both? I can fetch from IPA the data regarding the trust, on the replica server normally. [root@ipa2 ~]# ipa trust-show Realm name: ad.example.com Realm name:

[Freeipa-users] Re: Is it normal to ID overrides not show on IPA Replica with its names?

On pe, 03 heinä 2020, Vinícius Ferrão via FreeIPA-users wrote: Hello, I have two FreeIPA servers with AD trust enabled. Usually I do everything on the IPA #1 server, but I just observed that SIDs aren’t resolved on th