https://bugzilla.redhat.com/show_bug.cgi?id=870278 (Red Hat Enterprise Linux 6)
Description of problem: I would expect that any necessary client install (including via ipa-replica-install) would configure necessary changes when a cross domain trust is in place. After having to re-configure/re-install a replica, I noticed that /etc/sssd/sssd.conf was missing subdomains_provider line. ipa-client-install, ipa-replica-install should properly configure client config files for trusts if trusts are enabled for the environemt. Version-Release number of selected component (if applicable): ipa-server-3.0.0-105.20121022T2338zgit3488770.el6.x86_64 How reproducible: Unknown Steps to Reproduce: 1. Install IPA Master and Replica 2. Install AD Server 3. Setup trust to AD domain 4. on replica: ipa-server-install --uninstall -U 5. on master: ipa-replica-manage -p PASSWORD del REPLICA --force 6. on master: ipa-replica-prepare -p PASSWORD --ip-address=REPLICA_IP REPLICA 7. on replica: sftp MASTER:/var/lib/ipa/replica-info-REPLICA.gpg 8. on replica: ipa-replica-install -U --setup-ca --setup-dns --forwarder=DNSFORWARDER -w PASSWORD -p PASSWD replica-info-REPLICA.gpg Actual results: configs missing. at the very least /etc/sssd/sssd.conf is missing subdomains_provider = ipa line. Expected results: all trust related configs should be handled by ipa install commands. Additional info:
Notes for implementation:
sssd.conf
Adding simo and sbose to CC.
The scope of automatic configuration on SSSD side is not defined yet, i.e. we do not know how much work we need to do in IPA on new SSSD installs and updates.
The work is moved to SSSD closing.
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 3.0.2
Login to comment on this ticket.