I have followed this documentation for enabling an automount to show up for a NIS client that is bound to FreeIPA, and it worked as expected and the NIS client can see the automount:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
I then went back and dumped the entire ldap tree out of curiosity to see my changes I just added, and they are not there. If I search for the keys "nis-base" or "nis-domain" for example, it's no where to be found.
Where did this change actually go? I feel like I'm going crazy! :)
Thanks for the help in furthering my understanding!
Russell Jones via FreeIPA-users wrote:
I have followed this documentation for enabling an automount to show up for a NIS client that is bound to FreeIPA, and it worked as expected and the NIS client can see the automount:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
I then went back and dumped the entire ldap tree out of curiosity to see my changes I just added, and they are not there. If I search for the keys "nis-base" or "nis-domain" for example, it's no where to be found.
Where did this change actually go? I feel like I'm going crazy! :)
What user did you use to dump the tree? It's likely it lacked the read permissions to see the cn=config entries.
rob
I am logging in as the Directory Manager user.
I downloaded an LDAP brower app and have also logged in as that user, and not seeing the entries anywhere there either.
Here's what I am getting from a CLI standpoint:
[root@freeipa4 ~]# ldapsearch -x -D "cn=Directory Manager" -W > output.txt Enter LDAP Password: [root@freeipa4 ~]# grep -i "cn=config" output.txt ipaPermTarget: cn=*,cn=automember rebuild membership,cn=tasks,cn=config ipaPermLocation: cn=tasks,cn=config [root@freeipa4 ~]#
On Thu, Feb 6, 2020 at 1:30 PM Rob Crittenden rcritten@redhat.com wrote:
Russell Jones via FreeIPA-users wrote:
I have followed this documentation for enabling an automount to show up for a NIS client that is bound to FreeIPA, and it worked as expected and the NIS client can see the automount:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
I then went back and dumped the entire ldap tree out of curiosity to see my changes I just added, and they are not there. If I search for the keys "nis-base" or "nis-domain" for example, it's no where to be found.
Where did this change actually go? I feel like I'm going crazy! :)
What user did you use to dump the tree? It's likely it lacked the read permissions to see the cn=config entries.
rob
Just some extra info. The entry is definitely in there, I just can't figure out how to pull it back out:
[root@freeipa4 ~]# ldapadd -x -D "cn=Directory Manager" -W -f ./nis.txt Enter LDAP Password: adding new entry "nis-domain=<redacted>+nis-map=auto.main,cn=NIS Server,cn=plugins,cn=config" ldap_add: Already exists (68)
[root@freeipa4 ~]#
On Thu, Feb 6, 2020 at 1:35 PM Russell Jones arjones85@gmail.com wrote:
I am logging in as the Directory Manager user.
I downloaded an LDAP brower app and have also logged in as that user, and not seeing the entries anywhere there either.
Here's what I am getting from a CLI standpoint:
[root@freeipa4 ~]# ldapsearch -x -D "cn=Directory Manager" -W > output.txt Enter LDAP Password: [root@freeipa4 ~]# grep -i "cn=config" output.txt ipaPermTarget: cn=*,cn=automember rebuild membership,cn=tasks,cn=config ipaPermLocation: cn=tasks,cn=config [root@freeipa4 ~]#
On Thu, Feb 6, 2020 at 1:30 PM Rob Crittenden rcritten@redhat.com wrote:
Russell Jones via FreeIPA-users wrote:
I have followed this documentation for enabling an automount to show up for a NIS client that is bound to FreeIPA, and it worked as expected and the NIS client can see the automount:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
I then went back and dumped the entire ldap tree out of curiosity to see my changes I just added, and they are not there. If I search for the keys "nis-base" or "nis-domain" for example, it's no where to be found.
Where did this change actually go? I feel like I'm going crazy! :)
What user did you use to dump the tree? It's likely it lacked the read permissions to see the cn=config entries.
rob
For those that find this later, these settings will show up if you search cn=config specifically.
No idea why it doesn't show up on a full dump.
On Thu, Feb 6, 2020, 2:26 PM Russell Jones arjones85@gmail.com wrote:
Just some extra info. The entry is definitely in there, I just can't figure out how to pull it back out:
[root@freeipa4 ~]# ldapadd -x -D "cn=Directory Manager" -W -f ./nis.txt Enter LDAP Password: adding new entry "nis-domain=<redacted>+nis-map=auto.main,cn=NIS Server,cn=plugins,cn=config" ldap_add: Already exists (68)
[root@freeipa4 ~]#
On Thu, Feb 6, 2020 at 1:35 PM Russell Jones arjones85@gmail.com wrote:
I am logging in as the Directory Manager user.
I downloaded an LDAP brower app and have also logged in as that user, and not seeing the entries anywhere there either.
Here's what I am getting from a CLI standpoint:
[root@freeipa4 ~]# ldapsearch -x -D "cn=Directory Manager" -W > output.txt Enter LDAP Password: [root@freeipa4 ~]# grep -i "cn=config" output.txt ipaPermTarget: cn=*,cn=automember rebuild membership,cn=tasks,cn=config ipaPermLocation: cn=tasks,cn=config [root@freeipa4 ~]#
On Thu, Feb 6, 2020 at 1:30 PM Rob Crittenden rcritten@redhat.com wrote:
Russell Jones via FreeIPA-users wrote:
I have followed this documentation for enabling an automount to show up for a NIS client that is bound to FreeIPA, and it worked as expected
and
the NIS client can see the automount:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
I then went back and dumped the entire ldap tree out of curiosity to
see
my changes I just added, and they are not there. If I search for the keys "nis-base" or "nis-domain" for example, it's no where to be
found.
Where did this change actually go? I feel like I'm going crazy! :)
What user did you use to dump the tree? It's likely it lacked the read permissions to see the cn=config entries.
rob
On 2/7/20 1:50 AM, Russell Jones via FreeIPA-users wrote:
For those that find this later, these settings will show up if you search cn=config specifically.
No idea why it doesn't show up on a full dump.
Hi,
with the following search:
[root@freeipa4 ~]# ldapsearch -x -D "cn=Directory Manager" -W > output.txt
ldapsearch is using as basedn the value BASE specified in your /etc/openldap/ldap.conf file (or ldaprc, .ldaprc). On a standard IPA install the value is dc=<DOMAIN>,dc=<COM>. This means that cn=config subtree won't be searched.
HTC, flo
On Thu, Feb 6, 2020, 2:26 PM Russell Jones <arjones85@gmail.com mailto:arjones85@gmail.com> wrote:
Just some extra info. The entry is definitely in there, I just can't figure out how to pull it back out: [root@freeipa4 ~]# ldapadd -x -D "cn=Directory Manager" -W -f ./nis.txt Enter LDAP Password: adding new entry "nis-domain=<redacted>+nis-map=auto.main,cn=NIS Server,cn=plugins,cn=config" ldap_add: Already exists (68) [root@freeipa4 ~]# On Thu, Feb 6, 2020 at 1:35 PM Russell Jones <arjones85@gmail.com <mailto:arjones85@gmail.com>> wrote: I am logging in as the Directory Manager user. I downloaded an LDAP brower app and have also logged in as that user, and not seeing the entries anywhere there either. Here's what I am getting from a CLI standpoint: [root@freeipa4 ~]# ldapsearch -x -D "cn=Directory Manager" -W > output.txt Enter LDAP Password: [root@freeipa4 ~]# grep -i "cn=config" output.txt ipaPermTarget: cn=*,cn=automember rebuild membership,cn=tasks,cn=config ipaPermLocation: cn=tasks,cn=config [root@freeipa4 ~]# On Thu, Feb 6, 2020 at 1:30 PM Rob Crittenden <rcritten@redhat.com <mailto:rcritten@redhat.com>> wrote: Russell Jones via FreeIPA-users wrote: > I have followed this documentation for enabling an automount to show up > for a NIS client that is bound to FreeIPA, and it worked as expected and > the NIS client can see the automount: > > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/exposing_automount_maps_to_nis_clients > > I then went back and dumped the entire ldap tree out of curiosity to see > my changes I just added, and they are not there. If I search for the > keys "nis-base" or "nis-domain" for example, it's no where to be found. > > Where did this change actually go? I feel like I'm going crazy! :) > What user did you use to dump the tree? It's likely it lacked the read permissions to see the cn=config entries. rob
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
freeipa-users@lists.fedorahosted.org
-
Florence Blanc-Renaud -
Rob Crittenden -
Russell Jones