Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
On Tue, 28 May 2013, Nicholas MacKenzie wrote: Hello, I have seen this happen on multiple fresh installs now. Can anyone shed any light on it? I am unable to add a trust because of this, I assume. An smbclient lookup against the DC works. == # ipa trust-add --type=ad ad.dc.com --admin username --password Active directory domain administrator's password: ipa: ERROR: Cannot find specified domain or server name == /var/log/httpd/error_log: [Tue May 28 07:05:01 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u' ad.dc.sita.aero', trust_46'): NotFound == # ipactl restart Restarting Directory Service Shutting down dirsrv: IPA-DC-COM.[ OK ] PKI-IPA... [ OK ] Starting dirsrv: IPA-DC-COM ...[28/May/2013:07:09:24 +] ipa_cldap_init_service - [file ipa_cldap.c, line 148]: Failed to create socket What operating system is that? Here is what we have in ipa_cldap.c: ctx-sd = socket(PF_INET6, SOCK_DGRAM, 0); if (ctx-sd == -1) { LOG_FATAL(Failed to create socket\n); ret = EIO; goto done; } So we failed to create a socket using PF_INET6 family. It looks like you don't have IPv6 enabled in your kernel? -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
You were spot on about that. I enabled IPv6 and now the CLDAP plugin installs fine. I am now faced with this... dcerpc: alter_resp - rpc fault: WERR_ACCESS_DENIED Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ab for 12345778-1234-abcd-ef00-0123456789ab@ncacn_ip_tcp: domain_controller.ad.dc.com[49500] NT_STATUS_NET_WRITE_FAULT [Tue May 28 08:20:03 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u' ad.dc.sita.aero', trust_type=u'ad', realm_admin=u'username', realm_passwd=u'', range_size=20, all=False, raw=False, version=u'2.46'): ACIError On Tue, May 28, 2013 at 3:46 AM, Alexander Bokovoy aboko...@redhat.comwrote: On Tue, 28 May 2013, Nicholas MacKenzie wrote: Hello, I have seen this happen on multiple fresh installs now. Can anyone shed any light on it? I am unable to add a trust because of this, I assume. An smbclient lookup against the DC works. == # ipa trust-add --type=ad ad.dc.com --admin username --password Active directory domain administrator's password: ipa: ERROR: Cannot find specified domain or server name == /var/log/httpd/error_log: [Tue May 28 07:05:01 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u' ad.dc.sita.aero', trust_46'): NotFound == # ipactl restart Restarting Directory Service Shutting down dirsrv: IPA-DC-COM.[ OK ] PKI-IPA... [ OK ] Starting dirsrv: IPA-DC-COM ...[28/May/2013:07:09:24 +] ipa_cldap_init_service - [file ipa_cldap.c, line 148]: Failed to create socket What operating system is that? Here is what we have in ipa_cldap.c: ctx-sd = socket(PF_INET6, SOCK_DGRAM, 0); if (ctx-sd == -1) { LOG_FATAL(Failed to create socket\n); ret = EIO; goto done; } So we failed to create a socket using PF_INET6 family. It looks like you don't have IPv6 enabled in your kernel? -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
Nevermind. I used the Administrator account and all is well. This is a lovely site. Added Active Directory trust for realm ad.dc.com Realm name: ad.dc.com Domain NetBIOS name: AD Domain Security Identifier: S-1-5-21-1226121717-3896983829-760149474 Trust direction: Two-way trust Trust type: Active Directory domain Trust status: Established and verified On Tue, May 28, 2013 at 4:24 AM, Nicholas MacKenzie nic...@gmail.comwrote: You were spot on about that. I enabled IPv6 and now the CLDAP plugin installs fine. I am now faced with this... dcerpc: alter_resp - rpc fault: WERR_ACCESS_DENIED Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ab for 12345778-1234-abcd-ef00-0123456789ab@ncacn_ip_tcp: domain_controller.ad.dc.com[49500] NT_STATUS_NET_WRITE_FAULT [Tue May 28 08:20:03 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u'ad.dc.sita.aero', trust_type=u'ad', realm_admin=u'username', realm_passwd=u'', range_size=20, all=False, raw=False, version=u'2.46'): ACIError On Tue, May 28, 2013 at 3:46 AM, Alexander Bokovoy aboko...@redhat.comwrote: On Tue, 28 May 2013, Nicholas MacKenzie wrote: Hello, I have seen this happen on multiple fresh installs now. Can anyone shed any light on it? I am unable to add a trust because of this, I assume. An smbclient lookup against the DC works. == # ipa trust-add --type=ad ad.dc.com --admin username --password Active directory domain administrator's password: ipa: ERROR: Cannot find specified domain or server name == /var/log/httpd/error_log: [Tue May 28 07:05:01 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u' ad.dc.sita.aero', trust_46'): NotFound == # ipactl restart Restarting Directory Service Shutting down dirsrv: IPA-DC-COM.[ OK ] PKI-IPA... [ OK ] Starting dirsrv: IPA-DC-COM ...[28/May/2013:07:09:24 +] ipa_cldap_init_service - [file ipa_cldap.c, line 148]: Failed to create socket What operating system is that? Here is what we have in ipa_cldap.c: ctx-sd = socket(PF_INET6, SOCK_DGRAM, 0); if (ctx-sd == -1) { LOG_FATAL(Failed to create socket\n); ret = EIO; goto done; } So we failed to create a socket using PF_INET6 family. It looks like you don't have IPv6 enabled in your kernel? -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [file ipa_cldap.c, line 148]: Failed to create socket
On Tue, 28 May 2013, Nicholas MacKenzie wrote: You were spot on about that. I enabled IPv6 and now the CLDAP plugin installs fine. I am now faced with this... dcerpc: alter_resp - rpc fault: WERR_ACCESS_DENIED Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ab for 12345778-1234-abcd-ef00-0123456789ab@ncacn_ip_tcp: domain_controller.ad.dc.com[49500] NT_STATUS_NET_WRITE_FAULT [Tue May 28 08:20:03 2013] [error] ipa: INFO: ad...@ipa.dc.com: trust_add(u' ad.dc.sita.aero', trust_type=u'ad', realm_admin=u'username', realm_passwd=u'', range_size=20, all=False, raw=False, version=u'2.46'): ACIError Specify your AD admin username fully-qualified, either DOMAIN\username or username@REALM. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel