On Fri, 10 Jul 2015, Angelo Pantano wrote:
I have a freeipa server trusting an active directory domain, if I ssh to
the ipa server everything works, but if I try to ssh on an ipa client the
authentication fails.
I noticed on the server that the wbinfo -n 'AD\Domain Users' is failing:
failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
Also in the logs I see:
log.winbindd-dc-connect: get_sorted_dc_list: attempting lookup for name
ad.local (sitename NULL)
everything else works though, I can getent users and group just fine.
Can you please help me?
We don't use wbinfo and don't recommend it with FreeIPA AD trusts -- at
least with Fedora 18+ and RHEL7+. When your FreeIPA server is deployed
on those platforms, SSSD is used to resolve users, not winbindd.
Winbindd is only used to manage forest topology.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
