I have gotten a little further along with this but am having problems
connecting to the AD LDAP.

[r...@ipa.wibble.com cacerts]# ipa-replica-manage connect --winsync
--binddn cn=administrator,cn=users,dc=prattle,dc=com --bindpw
X9deiX9dei --passsync X9deiX9dei --cacert
/etc/openldap/cacerts/prattle.crt win-5uglhak7rin.prattle.com. -vvv

Directory Manager password:

Added CA certificate /etc/openldap/cacerts/prattle.crt to certificate
database for ipa.wibble.com

ipa: INFO: Failed to connect to AD server win-5uglhak7rin.prattle.com.

ipa: INFO: The error was: {'info': '00000000: LdapErr: DSID-0C090E17,
comment: Error initializing SSL/TLS, data 0, v1db1', 'desc': 'Server
is unavailable'}

Failed to setup winsync replication

On 1 January 2014 22:27, Andrew Holway <andrew.hol...@gmail.com> wrote:
> Hello,
> I am attempting to set up trust between my test freeipa server at
> ipa.wibble.com. and my test AD server at win-5uglhak7rin.prattle.com.
> In the GUI I can see the following in "Trusts ยป prattle.com".
> Realm name: prattle.com
> Domain NetBIOS name: PRATTLE
> Domain Security Identifier: S-1-5-21-2812083513-4116408788-3699662436
> Trust direction: Two-way trust
> Trust type: Active Directory domain
> However I cant see any of the AD users that I have created nor can I
> log on to any of the systems under my freeipa realm.
> Jan  1 20:50:30 host002 sshd[9959]: Failed password for invalid user
> bob from port 55101 ssh2
> I haven't actually done anything to AD to facilitate this trust. Its
> not particularly clear what should be done.
> Many thanks,
> Andrew

Freeipa-users mailing list

Reply via email to