On 09/20/2013 03:21 PM, Михаил А wrote:
hi! TRUST OK!
dig SRV _ldap._tcp.wiindomain---ok win serv SRV
dig SRV _ldap._tcp.ipadomain.wiindomain--ok serv SRV
dns1:ipaserver1
dns2:winserv1
sorry for my english
Please do not reply to me directly, reply to the list.
This way people would be able too see and continue conversation.
When I asked about DNS, I was asking about the relation between windows
DNS and IPA. AFAIU in the setup you delegate a DNS zone from AD DNS to
IPA. Is that the case?
Also on the client please change the debug_level in sssd.conf to 9 or
use a bitmask (see `man sssd.conf` on the client and search for
debug_level), restart sssd and provide sssd logs to the list. Do not
forget to sanitize them.
We will be able to see what is going on in SSSD and why it does not get
the user.
BTW, have you restarted SSSD after adding trust? If so sssd might not
yet know that the trust was added. We have a ticket about it. Please try
restarting SSSD.
Thanks
Dmitri
2013/9/20 Dmitri Pal d...@redhat.com mailto:d...@redhat.com
On 09/18/2013 11:42 AM, Михаил А wrote:
Hi,
Do I need network access to ports from the ipa-client to the server-
windows for authentication with windomain accounts?
ipa-server fedora19
ipa-client fedora19
winserver win2012
the ipa-client is located in another network
within the network ipa-server, ipa-client and windows-server
authentication works
to the ipa-client:
#id windomainuser@windomain
id: windomainuser@windomain: No such user
please tell me what I'm doing wrong
___
Freeipa-users mailing list
Freeipa-users@redhat.com mailto:Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
We need to understand more about your setup.
Are you using trusts?
What is your DNS configuration?
Generally if you are using trusts than clients should be able to
resolve AD server and connect to it.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
---
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/ http://www.redhat.com/carveoutcosts/
___
Freeipa-users mailing list
Freeipa-users@redhat.com mailto:Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
---
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users