HI

trust was successful

ipa trust-add --type=ad *ad_domain* --admin Administrator --password

and i got output like below

Active directory domain administrator's password:
------------------------------------------------------
Added Active Directory trust for realm "KWTTESTDC.COM"
------------------------------------------------------
  Realm name: KWTTESTDC.COM
  Domain NetBIOS name: KWTTESTDC
  Domain Security Identifier: S-1-5-21-3779563847-208264455-1888173826
  SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2,
S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10,
S-1-5-11,
                          S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16,
S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20
  SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2,
S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10,
S-1-5-11,
                          S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16,
S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20
  Trust direction: Two-way trust
  Trust type: Active Directory domain
  Trust status: Established and verified

this is what it should give noe?

How can i check the trust is correct or not.?

Regards,
Ben

On Mon, Mar 2, 2015 at 10:10 PM, Alexander Bokovoy <aboko...@redhat.com>
wrote:

> On Mon, 02 Mar 2015, Ben .T.George wrote:
>
>> HI
>>
>> i am getting below error. please anyone tell me what does it mean
>>
>> [root@kwttstfreipa01 ~]# ipa group-add-member ad_admins_external
>> --external
>> 'KWTTESTDC\Domain Admins'
>> [member user]:
>> [member group]:
>>  Group name: ad_admins_external
>>  Description: kwttestdc.com admins external map
>>  Failed members:
>>    member user:
>>    member group: KWTTESTDC\Domain Admins: trusted domain object not found
>> -------------------------
>> Number of members added 0
>>
> This looks like you don't have trust established.
>
> --
> / Alexander Bokovoy
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to