Hi! This is my first FreeIPA setup that needs to be trusted against AD. I spent some hours to debug my issue but I need some help:
root@auth1 ~ # ipa trust-add --two-way=true --type=ad intra.example.com --admin administrator --password Active Directory domain administrator's password: ipa: ERROR: CIFS server communication error: code "3221225581", message "The attempted logon is invalid. This is either due to a bad username or authentication information." (both may be "None") I've also tried "[email protected]" as well as another administrative account with domain admin privileges. The password is 100% fine and works for ldapadmin (windows tool) as well as windows logons. DNS is also fine: I set up forwarding of "intra.example.com" from IPA to the AD domain and reverse "auth.example.com" from AD to IPA. WORKS: ldapsearch -H ldap://192.168.80.1:389 -x -W -D " [email protected]" -b "dc=intra,dc=example,dc=com" -d8 Environment: Debian Sid, FreeIPA 4.7.2 Did I miss something? What am I doing wrong here? Kind regards Kevin
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
