On Wed, Aug 03, 2016 at 08:38:00PM -0400, Jake wrote: > Thanks Jakub, > turns out 'getent password usern...@legacy.example.org' only works on 1 of > the 4 ipa servers (the one I created the domain trust with).
OK, then we need to first fix all the servers before proceeding to the clients. > > I re-ran ipa-adtrust-install on them and no change, is there a similar post I > can follow to correct these & retrace my steps or does the trust need > configured on each. For IPA: http://www.freeipa.org/page/Active_Directory_trust_setup#Debugging_trust For SSSD: https://fedorahosted.org/sssd/wiki/Troubleshooting I would personally start with looking into the SSSD logs on the server that is misbehaving. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project