On Fri, 11 Sep 2015, Matt Wells wrote:
I've been working on an AD trust with our freeipa servers but have run into
some of the same issues others have had.
It's well documented here however I feel I've mitigated these -
Freeipa Servers are Fedora 22 / freeipa-server-4.2.0
The Samba version i'm on is well past the patched version. It seems the
patch is in samba-4.2.1-7.fc22 and I'm on samba-4.2.3-0 (assuming the patch
is in this version).
# echo Password123 | ipa trust-add --type=ad ad.example.com --trust-secret
ipa: ERROR: CIFS server configuration does not allow access to \\pipe\lsarpc
This was looking like a partial fix. The full fix is in Fedora 23 with
FreeIPA 4.2.1 release (we didn't yet officially announced it).
We were all busy at FreeIPA/SSSD gathering in Brno this week so there
wasn't really time to do Fedora 22 backport of the fixes yet.
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project