Logged as https://pagure.io/freeipa/issue/8636 <https://pagure.io/freeipa/issue/8636>
> On Dec 23, 2020, at 11:01 PM, Alexander Bokovoy <[email protected]> wrote: > > On ke, 23 joulu 2020, Alan Latteri via FreeIPA-users wrote: >> Hello. >> >> I have setup a test FreeIPA server and client, CentOS 8.3, very >> minimal, exactly as the documentation. I can successfully mount a >> Samba shared from ipaclient on MacOS, the first access. But any >> subsequent share mounting fails until winbind is restarted. Please >> see this screen capture which explicitly shows the issue. >> >> https://youtu.be/8Qd8u67WLkU >> >> These errors appear in /var/log/messages: >> Dec 23 13:31:15 ipaclient01 winbindd[1258]: [2020/12/23 13:31:15.265397, 0] >> ../../source3/winbindd/winbindd_util.c:175(add_trusted_domain) >> Dec 23 13:31:15 ipaclient01 winbindd[1258]: add_trusted_domain: SID >> [S-1-5-21-1037681751-2390144637-354493272] already used by domain [IPA], >> expected [ipa.instinctual.studio] >> Dec 23 13:31:15 ipaclient01 winbindd[1258]: [2020/12/23 13:31:15.265462, 0] >> ../../source3/winbindd/winbindd_pam_auth_crap.c:169(winbindd_pam_auth_crap_done) >> Dec 23 13:31:15 ipaclient01 winbindd[1258]: winbindd_pam_auth_crap_done: >> add_trusted_domain_from_auth failed >> Dec 23 13:31:17 ipaclient01 winbindd[1258]: [2020/12/23 13:31:17.263925, 0] >> ../../source3/winbindd/winbindd_util.c:175(add_trusted_domain) >> Dec 23 13:31:17 ipaclient01 winbindd[1258]: add_trusted_domain: SID >> [S-1-5-21-1037681751-2390144637-354493272] already used by domain [IPA], >> expected [ipa.instinctual.studio] >> Dec 23 13:31:17 ipaclient01 winbindd[1258]: [2020/12/23 13:31:17.263985, 0] >> ../../source3/winbindd/winbindd_pam_auth_crap.c:169(winbindd_pam_auth_crap_done) >> Dec 23 13:31:17 ipaclient01 winbindd[1258]: winbindd_pam_auth_crap_done: >> add_trusted_domain_from_auth failed > > Does it work for you with Kerberos authentication? > > Either way, please create an issue at > https://pagure.io/freeipa/new_issue with all details, including full > samba logs. > > Most of FreeIPA developers are on vacation for next week or two (I am > already and will only be back to work on Januarry 11th), so do not > expect prompt replies in this time. (This applies to most of threads on > the list). > > > -- > / Alexander Bokovoy > Sr. Principal Software Engineer > Security / Identity Management Engineering > Red Hat Limited, Finland >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
