The setup is:AD 2008 domain,Latest version of FreeIpa with integrated DNS,As 
the AD domain is not known to any DNS servers on the network I have
created a stub zone in Freeipa integrated dns server addomain.com,and created 
A-record for DC.addomain.comas well as _ldap.tcp.addomain.com and 
_kerberos.udp.addomain.comand checked with dig that they resolve correctly, 
138/139/145/389 are opened between the servers on both tcp and udp portsipv6 
enabled on the FreeIpa server. I am using pre-shared secret to establish the 
trust
Run:ipa trust-add --type=ad addomain.com --trust-secret  <pre-shared key>
and receive:
ipa: ERROR: CIFS server communication error: code "None",                  
message "NT_STATUS_IO_TIMEOUT" (both may be "None")

I've enabled the logs as described in debugging section (I would be glad to 
forward the whole thing if needed)However, relevant error that I see is :
finddcs: DNS SRV response 0 at '<ipaddr>'finddcs: performing CLDAP query on 
<ipaddr>s4_tevent: Added timed event "tevent_req_timedout": 
0x7f21302a8b10s4_tevent: Schedule immediate event "tevent_req_trigger": 
0x7f2130025090s4_tevent: Run immediate event "tevent_req_trigger": 
0x7f2130025090s4_tevent: Added timed event "tevent_req_timedout": 
0x7f213025cb90s4_tevent: Running timer event 0x7f213025cb90 
"tevent_req_timedout"s4_tevent: Schedule immediate event "tevent_req_trigger": 
0x7f2130045b50s4_tevent: Ending timer event 0x7f213025cb90 
"tevent_req_timedout"s4_tevent: Run immediate event "tevent_req_trigger": 
0x7f2130045b50s4_tevent: Added timed event "tevent_req_timedout": 
0x7f213025cb90s4_tevent: Running timer event 0x7f213025cb90 
"tevent_req_timedout"s4_tevent: Schedule immediate event "tevent_req_trigger": 
0x7f213001d230s4_tevent: Ending timer event 0x7f213025cb90 
"tevent_req_timedout"s4_tevent: Run immediate event "tevent_req_trigger": 
0x7f213001d230s4_tevent: Added timed event "tevent_req_timedout": 
0x7f213025cb90s4_tevent: Running timer event 0x7f21302a8b10 
"tevent_req_timedout"s4_tevent: Destroying timer event 0x7f213025cb90 
"tevent_req_timedout"finddcs: No matching CLDAP server founds4_tevent: Ending 
timer event 0x7f21302a8b10 "tevent_req_timedout"[Thu Jun 09 20:39:38.703506 
2016] [:error] [pid 2503] ipa: INFO: [jsonserver_session] 
admin@<ipadomain.com>: trust_add(u'addomain.com', trust_type=u'ad', 
trust_secret=u'********', all=False, raw=False, version=u'2.156'): 
RemoteRetrieveError
Once again I would be glad to provide entire logs if needed. But would be 
grateful for suggestions on how to resolve the above error.
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to