I may have network blocks between one of my IPA replicas and the *many*
remote AD servers that need to be queried but I can only see evidence of
this in the authentication failures and the debug level logging.
Not sure how to test from the command line to verify connectivity or
narrow down which ports may be getting blocked.
Are there any common CLI techniques, ldaps:// search queries or other
commands that could be run from an IPA replica to confirm basic
communication with a remote AD controller?
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project