Also doing trust manually (as explained here http://www.freeipa.org/page/Active_Directory_trust_setup) the command fail in the same mode: # ipa trust-add --type=ad MYDOMAIN.COM --trust-secret Shared secret for the trust: ipa: ERROR: Cannot find specified domain or server name
==> /var/log/httpd/access_log <== 192.168.0.65 - - [08/Sep/2015:17:50:21 +0200] "POST /ipa/session/json HTTP/1.1" 200 185 ==> /var/log/httpd/error_log <== [Tue Sep 08 17:50:22.183939 2015] [:error] [pid 4265] ipa: INFO: [jsonserver_session] ad...@ipa.mydomain.com: trust_add(u'MYDOMAIN.COM', trust_type=u'ad', trust_secret=u'********', all=False, raw=False, version=u'2.112'): NotFound ==> /var/log/samba/log.winbindd-idmap <== [2015/09/08 17:50:22.178007, 1] ../source3/winbindd/idmap.c:202(idmap_init_domain) idmap range not specified for domain * [2015/09/08 17:50:22.178984, 1] ../source3/winbindd/idmap.c:202(idmap_init_domain) idmap range not specified for domain * [2015/09/08 17:50:22.179771, 1] ../source3/winbindd/idmap.c:202(idmap_init_domain) idmap range not specified for domain * [2015/09/08 17:50:22.179863, 1] ../source3/winbindd/idmap.c:202(idmap_init_domain) idmap range not specified for domain * :( Morgan 2015-09-08 15:21 GMT+02:00 Alexander Bokovoy <aboko...@redhat.com>: > On Tue, 08 Sep 2015, Morgan Marodin wrote: > >> I've solved this error, reading this forum: >> https://www.redhat.com/archives/freeipa-users/2015-July/msg00247.html >> >> But now when I try to trust to my Active Directory I see these errors: >> -------------------- >> # ipa trust-add --type=ad mydomain.com --admin Administrator --password >> Active Directory domain administrator's password: >> ipa: ERROR: CIFS server communication error: code "-1073741258", >> message "The connection was refused" (both may be "None") >> >> Here my logs: >> -------------------- >> ==> /var/log/httpd/error_log <== >> Failed to connect host 192.168.0.65 on port 135 - >> NT_STATUS_CONNECTION_REFUSED >> Failed to connect host 192.168.0.65 (srv01.ipa.mydomain.com) on port 135 >> - >> NT_STATUS_CONNECTION_REFUSED. >> [Tue Sep 08 15:01:50.859313 2015] [:error] [pid 2221] ipa: INFO: >> [jsonserver_kerb] ad...@ipa.mydomain.com: trust_add(u'mydomain.com', >> trust_type=u'ad', realm_admin=u'Administrator', realm_passwd=u'********', >> all=False, raw=False, version=u'2.112'): RemoteRetrieveError >> >> ==> /var/log/samba/log.192.168.0.65 <== >> [2015/09/08 15:01:50.833128, 1] >> ../source3/auth/user_krb5.c:164(get_user_from_kerberos_info) >> Username IPA\admin is invalid on this system >> > This is your problem. Does your system have SSSD actually running? > > > List of ports that smbd should be listening on on IPA master: > # netstat -nltup|grep smbd > tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN > 12420/smbd tcp 0 0 0.0.0.0:139 0.0.0.0:* > LISTEN 12417/smbd tcp 0 0 0.0.0.0:445 > 0.0.0.0:* LISTEN 12417/smbd tcp 0 0 > 0.0.0.0:1024 0.0.0.0:* LISTEN 12422/smbd tcp6 > 0 0 :::135 :::* LISTEN 12420/smbd > tcp6 0 0 :::139 :::* LISTEN > 12417/smbd tcp6 0 0 :::445 :::* > LISTEN 12417/smbd tcp6 0 0 :::1024 > :::* LISTEN 12422/smbd > > -- > / Alexander Bokovoy > -- Morgan Marodin email: mor...@marodin.it mobile: +39.3477829069
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project