Description of problem: I try add new custom attibute in Freeipa on user, and map this attribute on host like homedirectory, but unsuccessful. i hope you help me, thanks you =) Version-Release number of selected component (if applicable): [root@ipa1 ~]# cat /etc/redhat-release Fedora release 23 (Twenty Three) [root@ipa1 ~]# rpm -qa | egrep "ipa|sssd" python2-ipalib-4.3.0-1.fc23.x86_64 freeipa-client-common-4.3.0-1.fc23.noarch sssd-krb5-common-1.13.3-1.fc23.x86_64 sssd-krb5-1.13.3-1.fc23.x86_64 python-sssdconfig-1.13.3-1.fc23.noarch freeipa-server-trust-ad-4.3.0-1.fc23.x86_64 python3-iniparse-0.4-16.fc23.noarch freeipa-server-common-4.3.0-1.fc23.noarch freeipa-common-4.3.0-1.fc23.noarch libipa_hbac-1.13.3-1.fc23.x86_64 sssd-client-1.13.3-1.fc23.x86_64 python-ipaddress-1.0.7-4.fc23.noarch python3-sssdconfig-1.13.3-1.fc23.noarch freeipa-admintools-4.3.0-1.fc23.noarch python2-ipaclient-4.3.0-1.fc23.noarch python2-ipaserver-4.3.0-1.fc23.noarch sssd-common-1.13.3-1.fc23.x86_64 sssd-common-pac-1.13.3-1.fc23.x86_64 sssd-ipa-1.13.3-1.fc23.x86_64 sssd-ldap-1.13.3-1.fc23.x86_64 sssd-1.13.3-1.fc23.x86_64 freeipa-client-4.3.0-1.fc23.x86_64 freeipa-server-4.3.0-1.fc23.x86_64 freeipa-server-dns-4.3.0-1.fc23.noarch sssd-ad-1.13.3-1.fc23.x86_64 sssd-proxy-1.13.3-1.fc23.x86_64 python-libipa_hbac-1.13.3-1.fc23.x86_64 How reproducible: Steps to Reproduce: 1. Import new attribute and objectclasss -> add objectclasss as default for user -> create new user -> set attibute value for user ldapmodify -ZZ -x -D "cn=Directory Manager" -W -H ldap://localhost -f attribute.ldif ldapmodify -ZZ -x -D "cn=Directory Manager" -W -H ldap://localhost -f objectclass.ldif ldapmodify -ZZ -x -D "cn=Directory Manager" -W -H ldap://localhost -f value.ldif 2. Add line to /etc/sssd/sssd.conf in [domain/ipa.domain] section, ldap_user_home_directory = homeftp1 3. systemctl restart sssd && sss_cache -E Actual results: [root@ipa1 ~]# getent passwd test2 test2:*:516000010:516000010:test2 test444:/:/bin/sh Expected results: [root@ipa1 ~]# getent passwd test2 test2:*:516000010:516000010:test2 test444:/ftp/path:/bin/sh Additional info:
Created attachment 1117223 [details] attribute.ldif attribute.ldif
Created attachment 1117224 [details] objectclass.ldif
Created attachment 1117226 [details] value.ldif
The server value looks OK, moving to SSSD for consideration. I would be quite interested what is the use case for using home directory attributes that way, it is certainly the first time I see a use like this one.
Please provide sssd sssd log files with high debug level (9) https://fedorahosted.org/sssd/wiki/Troubleshooting
find another solution for me, use id view for remap homedirectory user per host.