hi all, i'm trying to setup a one-sided trust with an AD, following https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/trust-groups.html
the trust is setup and seems to work (i get IPA service token using kvno and an AD kerberos credential), "ipa trustdomain-find domain.name" reports that the domain is enabled (but for some reason dumps this info twice). however, when trying to add the "Domain Users", i get a 'trusted domain object not found' > # ipa group-add-member extgroup --external="NETBIOSNAME\Domain Users" > --users=a_valid_ad_user > Group name: extgroup > Description: some desc > Member of groups: intgroup > Failed members: > member user: a_valid_ad_user: no such entry > member group: NETBIOSNAME\Domain Users: trusted domain object not found > ------------------------- > Number of members added 0 > ------------------------- i also tried with "Domain us...@domain.name" any clues how to debug what is going wrong? many thanks, stijn -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project