2014-10-08 17:48 GMT+02:00 Alexander Bokovoy <aboko...@redhat.com>:

> On Wed, 08 Oct 2014, Genadi Postrilko wrote:
>
>> The forest root domain in my case is RED.COM.
>>
> You need to establish trust to red.com then. Any domain which is member
> of the forest red.com will be visible through trust.
>
> Forest trust can only be established between forest root domains, that's
> how it is designed by Microsoft.
>
>
It doesn't matter how complex the forest is? Even if the forest contains
number of domain trees, the trust has to be
established with the forest root domain?


>> I have attached the log files.
>>
> These logs show you are attempting to establish trust to blue.com which
> is not a forest root domain, thus nothing works.
>

I assumed that DNS forwarding has to be created between IPA (linux.blue.com)
and the AD (blue.com).
Should any DNS configuration change?
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to