On Thu, 09 Jun 2016, pgb205 wrote:
The setup is:AD 2008 domain,Latest version of FreeIpa with integrated
DNS,As the AD domain is not known to any DNS servers on the network I
have created a stub zone in Freeipa integrated dns server
addomain.com,and created A-record for DC.addomain.comas well as
_ldap.tcp.addomain.com and _kerberos.udp.addomain.comand checked with
dig that they resolve correctly, 138/139/145/389 are opened between the
servers on both tcp and udp portsipv6 enabled on the FreeIpa server. I
am using pre-shared secret to establish the trust
Run:ipa trust-add --type=ad addomain.com --trust-secret  <pre-shared key>
and receive:
ipa: ERROR: CIFS server communication error: code "None",                  message 
"NT_STATUS_IO_TIMEOUT" (both may be "None")

I've enabled the logs as described in debugging section (I would be glad to 
forward the whole thing if needed)However, relevant error that I see is :
finddcs: DNS SRV response 0 at '<ipaddr>'finddcs: performing CLDAP
query on <ipaddr>s4_tevent: Added timed event "tevent_req_timedout":
0x7f21302a8b10s4_tevent: Schedule immediate event "tevent_req_trigger":
0x7f2130025090s4_tevent: Run immediate event "tevent_req_trigger":
0x7f2130025090s4_tevent: Added timed event "tevent_req_timedout":
0x7f213025cb90s4_tevent: Running timer event 0x7f213025cb90
"tevent_req_timedout"s4_tevent: Schedule immediate event
"tevent_req_trigger": 0x7f2130045b50s4_tevent: Ending timer event
0x7f213025cb90 "tevent_req_timedout"s4_tevent: Run immediate event
"tevent_req_trigger": 0x7f2130045b50s4_tevent: Added timed event
"tevent_req_timedout": 0x7f213025cb90s4_tevent: Running timer event
0x7f213025cb90 "tevent_req_timedout"s4_tevent: Schedule immediate event
"tevent_req_trigger": 0x7f213001d230s4_tevent: Ending timer event
0x7f213025cb90 "tevent_req_timedout"s4_tevent: Run immediate event
"tevent_req_trigger": 0x7f213001d230s4_tevent: Added timed event
"tevent_req_timedout": 0x7f213025cb90s4_tevent: Running timer event
0x7f21302a8b10 "tevent_req_timedout"s4_tevent: Destroying timer event
0x7f213025cb90 "tevent_req_timedout"finddcs: No matching CLDAP server
founds4_tevent: Ending timer event 0x7f21302a8b10
"tevent_req_timedout"[Thu Jun 09 20:39:38.703506 2016] [:error] [pid
2503] ipa: INFO: [jsonserver_session] admin@<ipadomain.com>:
trust_add(u'addomain.com', trust_type=u'ad', trust_secret=u'********',
all=False, raw=False, version=u'2.156'): RemoteRetrieveError Once again
I would be glad to provide entire logs if needed. But would be grateful
for suggestions on how to resolve the above error.
Do you have IPv6 disabled?
www.freeipa.org/page/Active_Directory_trust_setup#IPv6_stack_usage
--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to