Fixed.

It doesn't make sense to me, but there was an old broken trust to a
different AD that was clearly from the logs getting checked *after* the new
domain.  The logs showed that there was a result from the new domain, but
not enough detail to see what was going on.  I removed the old domain only
because it was polluting the logs, bump the log level to get more detail
and now everything works fine.

The link to the SSSD trouble shooting page was very valuable.  Thanks!


On Fri, Jul 21, 2017 at 10:12 AM, Jakub Hrozek via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:

> On Fri, Jul 21, 2017 at 05:53:57AM -0400, Steve Weeks via FreeIPA-users
> wrote:
> > Looks like I got the rootDSE, 109 lines of information and got the
> > following at the end.  I don't know much about ldap so I'm guessing this
> > was successful
>
> Yes, so the trust indeed works.
>
> >.  And, yes I did get a ldap/ad.cd ticket.  What should I
> > look at next?
>
> SSSD on the server itself. Please check out
> https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html, hopefully
> the server-side sssd logs would help..
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to