abbra / freeipa

Mirror of FreeIPA, an integrated security information management solution
http://www.freeipa.org
GNU General Public License v3.0

gc-wip: Using without AD #99

Closed antnjakushin closed 1 year ago

antnjakushin commented 1 year ago

Is it possible to use the component ipa-adtrust-install without connecting to AD? I want to use the global catalog to connect services that expect AD as LDAP. But after running the command "ipa-adtrust-install" without attributes, the service ipa-gcsyncd does not start with an error:

```
ldap.OBJECT_CLASS_VIOLATION: {'msgtype': 105, 'msgid': 7, 'result': 65, 'desc': 'Object class violation', 'ctrls': [], 'info': 'attribute "gidNumber" not allowed\n'}
```

ipa-gcsyncd.log

abbra commented 1 year ago

Not sure what version you are using. https://github.com/abbra/freeipa/commit/4903d48869d10e8ee084a15b780e5ccac3564010 is on the tip of the gc-wip branch and should help here.

antnjakushin commented 1 year ago

I am using the version from COPR repository: https://copr.fedorainfracloud.org/coprs/abbra/gc-wip/

I assume that the latest assembly is based on https://github.com/abbra/freeipa/commit/4903d48869d10e8ee084a15b780e5ccac3564010

More information about my environment: I'm using podman container by adding a COPR repository to the docker file, and running with podman-compose:

```yaml
version: '3'
services:
  freeipa:
    image: freeipa:v4.11.0-gc-dev
    hostname: dc01.ipa.example.com
    container_name: freeipa
    restart: always
    volumes:

networks:
  macvlan_mgmt:
    external: true
```

FreeIPA version:

```
ipa --version
VERSION: 4.11.0.dev202308091421+git, API_VERSION: 2.253
```

abbra commented 1 year ago

Thanks. Reproduced. There is an issue in how the template for groups is producing its result due to how variable modifications are allowed in the Jinja2 templates. Working on it.

abbra commented 1 year ago

Should be fixed with https://github.com/freeipa/freeipa/commit/31314a9d1e76050effa1c3f291fb3a3ef79414d8. It will probably take some time to run the rebuild as copr is misbehaving for me.