On Thu, 11 Sep 2014, Traiano Welcome wrote:
This one is not usable. You need to enable debugging on the server side.
in the part where it talks about /usr/share/ipa/smb.conf.empty.
I've attached the debug logs, I'd be thankful if you could find anything
Can you please keep debugging and re-establish the trust using AD
I can see that AD DC does believe yet the trust is working:
Ticket in credentials cache for @LINUX will expire in 86400 secs
GSS client Update(krb5)(1) Update failed: Unspecified GSS failure.
Minor code may provide more information: KDC policy rejects request
"KDC policy rejects request" means AD-side of the trust is not set and
By running 'ipa trust-add ... --admin ..' you'll force AD DC to reset trust
and verify it.
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project