Re: [Freeipa-users] ipa-client auth with windomain account

2013-09-23 Thread Dmitri Pal
On 09/20/2013 03:21 PM, Михаил А wrote:
 hi! TRUST OK!
 dig SRV _ldap._tcp.wiindomain---ok win serv SRV
 dig SRV _ldap._tcp.ipadomain.wiindomain--ok serv SRV
 dns1:ipaserver1
 dns2:winserv1
 sorry for my english

Please do not reply to me directly, reply to the list.
This way people would be able to see and continue the conversation.
When I asked about DNS, I was asking about the relation between windows
DNS and IPA. AFAIU in the setup you delegate a DNS zone from AD DNS to
IPA. Is that the case?

Also on the client please change the debug_level in sssd.conf to 9 or
use a bitmask (see `man sssd.conf` on the client and search for
debug_level), restart sssd and provide sssd logs to the list. Do not
forget to sanitize them.

We will be able to see what is going on in SSSD and why it does not get
the user.
BTW, have you restarted SSSD after adding trust? If so sssd might not
yet know that the trust was added. We have a ticket about it. Please try
restarting SSSD.

Thanks
Dmitri


 2013/9/20 Dmitri Pal d...@redhat.com

 On 09/18/2013 11:42 AM, Михаил А wrote:
 Hi,
  Do I need network access to ports from the ipa-client to the server-
  windows for authentication with windomain accounts?
  ipa-server fedora19
  ipa-client fedora19
  winserver win2012
  the ipa-client is located in another network
  within the network ipa-server, ipa-client and windows-server
  authentication works
  to the ipa-client:
  #id windomainuser@windomain
  id: windomainuser@windomain: No such user
  please tell me what I'm doing wrong


 ___
 Freeipa-users mailing list
 Freeipa-users@redhat.com
 https://www.redhat.com/mailman/listinfo/freeipa-users

 We need to understand more about your setup.
 Are you using trusts?
 What is your DNS configuration?

 Generally if you are using trusts then clients should be able to
 resolve AD server and connect to it.

 -- 
 Thank you,
 Dmitri Pal

 Sr. Engineering Manager for IdM portfolio
 Red Hat Inc.






-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.



Re: [Freeipa-users] ipa-client auth with windomain account

2013-09-20 Thread Dmitri Pal
On 09/18/2013 11:42 AM, Михаил А wrote:
 Hi,
  Do I need network access to ports from the ipa-client to the server-
  windows for authentication with windomain accounts?
  ipa-server fedora19
  ipa-client fedora19
  winserver win2012
  the ipa-client is located in another network
  within the network ipa-server, ipa-client and windows-server
  authentication works
  to the ipa-client:
  #id windomainuser@windomain
  id: windomainuser@windomain: No such user
  please tell me what I'm doing wrong



We need to understand more about your setup.
Are you using trusts?
What is your DNS configuration?

Generally if you are using trusts then clients should be able to resolve
AD server and connect to it.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
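
As an added example (not part of the original thread and not FreeIPA project code), the script below runs the two checks discussed in this thread from the client: it resolves an `_ldap._tcp` SRV name and tests whether the client can open a TCP connection to each target on the port the record advertises. The function names and the `windomain.example` placeholder domain are assumptions; it expects `dig`, `timeout` and `bash` on the client.

```sh
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Turn `dig +short SRV` answers ("priority weight port target.") into
# "target port" lines ordered by priority; anything else is dropped.
srv_targets() {
    awk 'NF == 4 && $1 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
             sub(/\.$/, "", $4); print $1, $4, $3 }' |
        sort -n -k1,1 | cut -d' ' -f2-
}

# Succeed if a TCP connection to host $1, port $2 opens within 3 seconds.
# Host and port are passed as arguments, never spliced into the command text.
tcp_reachable() {
    timeout 3 bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$1" "$2" </dev/null 2>/dev/null
}

# Resolve SRV name $1 and report whether each target accepts connections.
check_srv() {
    answers=$(dig +short SRV "$1" | srv_targets)
    if [ -z "$answers" ]; then
        echo "FAIL $1: no SRV records resolved"
        return 1
    fi
    rc=0
    while read -r host port; do
        if tcp_reachable "$host" "$port"; then
            echo "OK   $1 -> $host:$port"
        else
            echo "FAIL $1 -> $host:$port not reachable from this client"
            rc=1
        fi
    done <<EOF
$answers
EOF
    return "$rc"
}

# Constructed sample of dig output (placeholder domain) for checking the parser.
SAMPLE_SRV='10 100 389 winserv2.windomain.example.
0 100 389 winserv1.windomain.example.
;; connection timed out; no servers could be reached'

if [ "$#" -gt 0 ]; then
    status=0
    for name in "$@"; do check_srv "$name" || status=1; done
    exit "$status"
fi
```

Run it on the client with one SRV name per argument, once for the AD domain and once for the IPA domain; a non-zero exit status means at least one name did not resolve or one target refused the connection.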



[Freeipa-users] ipa-client auth with windomain account

2013-09-18 Thread Михаил А
Hi,
 Do I need network access to ports from the ipa-client to the server-
 windows for authentication with windomain accounts?
 ipa-server fedora19
 ipa-client fedora19
 winserver win2012
 the ipa-client is located in another network
 within the network ipa-server, ipa-client and windows-server
 authentication works
 to the ipa-client:
 #id windomainuser@windomain
 id: windomainuser@windomain: No such user
 please tell me what I'm doing wrong