On Wed, 01 Jul 2015, David Fox wrote:
I am encountering issues trying to integrate FreeIPA with AD, on *nix
promp I get "internal server rror" and within I receive the following
message in httpd_errorlog.
[0070] 00 00 00 00 0D 00 00 00 69 00 70 00 61 00 2E 00 ........
i.p.a...
[0080] 68 00 73 00 61 00 2E 00 63 00 6F 00 2E 00 75 00 ... c.o...u.
[0090] 6B 00 00 00 00 00 00 00 k.......
[Tue Jun 30 13:17:01.369249 2015] [:error] [pid 1063] ipa: ERROR:
non-public: TypeError: default/librpc/gen_ndr/py_lsa.c:9436: Expected
type 'security.dom_sid' for 'py_dom_sid' of type 'NoneType'
[Tue Jun 30 13:17:01.369285 2015] [:error] [pid 1063] Traceback (most
recent call last):
[Tue Jun 30 13:17:01.369289 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 348,
in wsgi_execute
[Tue Jun 30 13:17:01.369292 2015] [:error] [pid 1063] result =
self.Command[name](*args, **options)
[Tue Jun 30 13:17:01.369294 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 439, in
__call__
[Tue Jun 30 13:17:01.369303 2015] [:error] [pid 1063] ret =
self.run(*args, **options)
[Tue Jun 30 13:17:01.369306 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 754, in
run
[Tue Jun 30 13:17:01.369308 2015] [:error] [pid 1063] return
self.execute(*args, **options)
[Tue Jun 30 13:17:01.369310 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py", line 474,
in execute
[Tue Jun 30 13:17:01.369313 2015] [:error] [pid 1063] result =
self.execute_ad(full_join, *keys, **options)
[Tue Jun 30 13:17:01.369315 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py", line 709,
in execute_ad
[Tue Jun 30 13:17:01.369318 2015] [:error] [pid 1063]
self.realm_passwd
[Tue Jun 30 13:17:01.369320 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipaserver/dcerpc.py", line 1222, in
join_ad_full_credentials
[Tue Jun 30 13:17:01.369323 2015] [:error] [pid 1063]
self.remote_domain.establish_trust(self.local_domain, trustdom_pass)
[Tue Jun 30 13:17:01.369325 2015] [:error] [pid 1063] File
"/usr/lib/python2.7/site-packages/ipaserver/dcerpc.py", line 963, in
establish_trust
[Tue Jun 30 13:17:01.369327 2015] [:error] [pid 1063]
self._pipe.DeleteTrustedDomain(self._policy_handle, res.info_ex.sid)
[Tue Jun 30 13:17:01.369330 2015] [:error] [pid 1063] TypeError:
default/librpc/gen_ndr/py_lsa.c:9436: Expected type 'security.dom_sid'
for 'py_dom_sid' of type 'NoneType'
[Tue Jun 30 13:17:01.369648 2015] [:error] [pid 1063] ipa: INFO:
[jsonserver_session] admin@IPA.*redacted*: trust_add(u'*redacted*',
trust_type=u'ad', realm_admin=u'*redacted*', realm_passwd=u'********',
all=False, raw=False, version=u'2.112'): TypeError
These are whole logs with "log level = 100" set in smb.conf.empty. Log
files were emptied before the above command was ran. If there is any
other information required please let me know.
Software versions:
Fedora 22: 4.1.4
Fedora 22: 4.2 Alpha 1
Oracle Linux 7.1 64bit: without DNS
ipa-server.x86_64 - 4.1.0-18.0.1-el17_1.3
ipa-server-trust-ad.x86_64 - 4.1.0-18.0.1-el17_1.3
CentOS 7.1 64bit: With DNS
ipa-server.x86_64 - 4.1.0-18-el7.centos.3
ipa-server-trust-ad.x86_64 - 4.1.0-18-el7.centos.3
It is unclear from your report what exact distro causing this issue for
you. Is this with Fedora 22 (e.g. Samba 4.2)?
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project