On to, 09 marras 2017, Justin Smith via FreeIPA-users wrote:
I have FreeIPA and Active Directory on our network and am attempting to
follow the [ https://www.freeipa.org/page/Active_Directory_trust_setup
| official instructions ] for getting a trust set up.

I'm down to the section where I run ipa trust-add to set up the trust.
I've set up and verified DNS forwarding on both ends.

Here is the output I'm stuck on:

[root@ipa2 conf.d]# ipa -v trust-add --type ad ad.mimsoftware.com --admin 
Administrator --password
ipa: INFO: trying https://ipa2.mimsoftware.com/ipa/json
ipa: INFO: [try 1]: Forwarding 'schema' to json server 
'https://ipa2.mimsoftware.com/ipa/json'
ipa: INFO: trying https://ipa2.mimsoftware.com/ipa/session/json
Active Directory domain administrator's password:
ipa: INFO: [try 1]: Forwarding 'trust_add/1' to json server 
'https://ipa2.mimsoftware.com/ipa/session/json'
ipa: ERROR: an internal error has occurred

Any ideas where to begin troubleshooting? If I try this same process in
the browser interface, it throws an error:

"AD DC was unable to reach any IPA domain controller. Most likely it is
a DNS or firewall issue"

However, I've verified that it can't be DNS. What about firewall
configuration on the Windows end? The official instructions just say
"to be added."
?

See man page for ipa-adtrust-install, it has all firewall requirements
listed. More to that, when you run ipa-adtrust-intall, it actually
prints you a list of ports that need to be open on both sides.

--
/ Alexander Bokovoy
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to