Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
On Tue, 28 May 2013, Nicholas MacKenzie wrote:
Hello,
I have seen this happen on multiple fresh installs now. Can anyone shed any
light on it? I am unable to add a trust because of this, I assume. An
smbclient lookup against the DC works.
==
# ipa trust-add --type=ad ad.dc.com --admin username --password
Active directory domain administrator's password:
ipa: ERROR: Cannot find specified domain or server name
==
/var/log/httpd/error_log:
[Tue May 28 07:05:01 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u'
ad.dc.sita.aero', trust_46'): NotFound
==
# ipactl restart
Restarting Directory Service
Shutting down dirsrv:
IPA-DC-COM.[ OK ]
PKI-IPA... [ OK ]
Starting dirsrv:
IPA-DC-COM ...[28/May/2013:07:09:24 +] ipa_cldap_init_service -
[file ipa_cldap.c, line 148]: Failed to create socket
What operating system is that?
Here is what we have in ipa_cldap.c:
ctx-sd = socket(PF_INET6, SOCK_DGRAM, 0);
if (ctx-sd == -1) {
LOG_FATAL(Failed to create socket\n);
ret = EIO;
goto done;
}
So we failed to create a socket using PF_INET6 family. It looks like you
don't have IPv6 enabled in your kernel?
--
/ Alexander Bokovoy
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
You were spot on about that. I enabled IPv6 and now the CLDAP plugin
installs fine. I am now faced with this...
dcerpc: alter_resp - rpc fault: WERR_ACCESS_DENIED
Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ab for
12345778-1234-abcd-ef00-0123456789ab@ncacn_ip_tcp:
domain_controller.ad.dc.com[49500] NT_STATUS_NET_WRITE_FAULT
[Tue May 28 08:20:03 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u'
ad.dc.sita.aero', trust_type=u'ad', realm_admin=u'username',
realm_passwd=u'', range_size=20, all=False, raw=False,
version=u'2.46'): ACIError
On Tue, May 28, 2013 at 3:46 AM, Alexander Bokovoy aboko...@redhat.comwrote:
On Tue, 28 May 2013, Nicholas MacKenzie wrote:
Hello,
I have seen this happen on multiple fresh installs now. Can anyone shed
any
light on it? I am unable to add a trust because of this, I assume. An
smbclient lookup against the DC works.
==
# ipa trust-add --type=ad ad.dc.com --admin username --password
Active directory domain administrator's password:
ipa: ERROR: Cannot find specified domain or server name
==
/var/log/httpd/error_log:
[Tue May 28 07:05:01 2013] [error] ipa: INFO: ad...@ipa.dc.com:
trust_add(u'
ad.dc.sita.aero', trust_46'): NotFound
==
# ipactl restart
Restarting Directory Service
Shutting down dirsrv:
IPA-DC-COM.[ OK ]
PKI-IPA... [ OK ]
Starting dirsrv:
IPA-DC-COM ...[28/May/2013:07:09:24 +] ipa_cldap_init_service -
[file ipa_cldap.c, line 148]: Failed to create socket
What operating system is that?
Here is what we have in ipa_cldap.c:
ctx-sd = socket(PF_INET6, SOCK_DGRAM, 0);
if (ctx-sd == -1) {
LOG_FATAL(Failed to create socket\n);
ret = EIO;
goto done;
}
So we failed to create a socket using PF_INET6 family. It looks like you
don't have IPv6 enabled in your kernel?
--
/ Alexander Bokovoy
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
Nevermind. I used the Administrator account and all is well. This is a
lovely site.
Added Active Directory trust for realm ad.dc.com
Realm name: ad.dc.com
Domain NetBIOS name: AD
Domain Security Identifier: S-1-5-21-1226121717-3896983829-760149474
Trust direction: Two-way trust
Trust type: Active Directory domain
Trust status: Established and verified
On Tue, May 28, 2013 at 4:24 AM, Nicholas MacKenzie nic...@gmail.comwrote:
You were spot on about that. I enabled IPv6 and now the CLDAP plugin
installs fine. I am now faced with this...
dcerpc: alter_resp - rpc fault: WERR_ACCESS_DENIED
Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ab for
12345778-1234-abcd-ef00-0123456789ab@ncacn_ip_tcp:
domain_controller.ad.dc.com[49500] NT_STATUS_NET_WRITE_FAULT
[Tue May 28 08:20:03 2013] [error] ipa: INFO: ad...@ipa.dc.com:
trust_add(u'ad.dc.sita.aero', trust_type=u'ad', realm_admin=u'username',
realm_passwd=u'', range_size=20, all=False, raw=False,
version=u'2.46'): ACIError
On Tue, May 28, 2013 at 3:46 AM, Alexander Bokovoy aboko...@redhat.comwrote:
On Tue, 28 May 2013, Nicholas MacKenzie wrote:
Hello,
I have seen this happen on multiple fresh installs now. Can anyone shed
any
light on it? I am unable to add a trust because of this, I assume. An
smbclient lookup against the DC works.
==
# ipa trust-add --type=ad ad.dc.com --admin username --password
Active directory domain administrator's password:
ipa: ERROR: Cannot find specified domain or server name
==
/var/log/httpd/error_log:
[Tue May 28 07:05:01 2013] [error] ipa: INFO: ad...@ipa.dc.com:
trust_add(u'
ad.dc.sita.aero', trust_46'): NotFound
==
# ipactl restart
Restarting Directory Service
Shutting down dirsrv:
IPA-DC-COM.[ OK ]
PKI-IPA... [ OK ]
Starting dirsrv:
IPA-DC-COM ...[28/May/2013:07:09:24 +] ipa_cldap_init_service -
[file ipa_cldap.c, line 148]: Failed to create socket
What operating system is that?
Here is what we have in ipa_cldap.c:
ctx-sd = socket(PF_INET6, SOCK_DGRAM, 0);
if (ctx-sd == -1) {
LOG_FATAL(Failed to create socket\n);
ret = EIO;
goto done;
}
So we failed to create a socket using PF_INET6 family. It looks like you
don't have IPv6 enabled in your kernel?
--
/ Alexander Bokovoy
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
On Tue, 28 May 2013, Nicholas MacKenzie wrote: You were spot on about that. I enabled IPv6 and now the CLDAP plugin installs fine. I am now faced with this... dcerpc: alter_resp - rpc fault: WERR_ACCESS_DENIED Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ab for 12345778-1234-abcd-ef00-0123456789ab@ncacn_ip_tcp: domain_controller.ad.dc.com[49500] NT_STATUS_NET_WRITE_FAULT [Tue May 28 08:20:03 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u' ad.dc.sita.aero', trust_type=u'ad', realm_admin=u'username', realm_passwd=u'', range_size=20, all=False, raw=False, version=u'2.46'): ACIError Specify your AD admin username fully-qualified, either DOMAIN\username or username@REALM. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
