Andrew,
On Tue, 07 Jan 2014, Andrew Holway wrote:
At this point I need to know exact version of the samba package (samba4
if this is RHEL 6.x) to continue investigations with the exact source
code at hand.
[root@ipa ~]# rpm -qa | grep samba
samba4-libs-4.0.0-60.el6_5.rc4.x86_64
Thanks.
Can
On Tue, 2014-01-07 at 07:48 +0200, Alexander Bokovoy wrote:
On Fri, 03 Jan 2014, Simo Sorce wrote:
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows
On Tue, Jan 07, 2014 at 08:51:49AM -0500, Simo Sorce wrote:
On Tue, 2014-01-07 at 07:48 +0200, Alexander Bokovoy wrote:
On Fri, 03 Jan 2014, Simo Sorce wrote:
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
On Fri, Jan 03, 2014 at 02:05:58PM +, Andrew Holway wrote:
To generate the winbind logs on the server, can you do 'smbcontrol winbindd
debug 100', then request the trusted user. The winbind logs would be at
/var/log/samba/log.w*
I truncated all of the files in /var/log/samba and then
On Fri, 03 Jan 2014, Andrew Holway wrote:
To generate the winbind logs on the server, can you do 'smbcontrol winbindd
debug 100', then request the trusted user. The winbind logs would be at
/var/log/samba/log.w*
I truncated all of the files in /var/log/samba and then make a single
login
On Fri, 03 Jan 2014, Simo Sorce wrote:
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
this is using b...@prattle.com@host (prattle.com is the windows domain)
Thanks, these logs have
On Fri, Jan 03, 2014 at 12:29:11PM +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
this is using
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
this is using b...@prattle.com@host
To generate the winbind logs on the server, can you do 'smbcontrol winbindd
debug 100', then request the trusted user. The winbind logs would be at
/var/log/samba/log.w*
I truncated all of the files in /var/log/samba and then make a single
login attempt. These are the files that were non zero
or simply run wbinfo on the server to check winbindd can properly
retrieve users before moving back to testing on client.
[r...@ipa.wibble.com ~]# wbinfo -i b...@prattle.com
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user b...@prattle.com
Would this be an
[r...@ipa.wibble.com ~]# wbinfo --all-domains
BUILTIN
WIBBLE
PRATTLE
[r...@ipa.wibble.com ~]# wbinfo --own-domain
WIBBLE
On 3 January 2014 15:06, Andrew Holway andrew.hol...@gmail.com wrote:
or simply run wbinfo on the server to check winbindd can properly
retrieve users before moving back to
I have gotten a little further along with this but am having problems
connecting to the AD LDAP.
[r...@ipa.wibble.com cacerts]# ipa-replica-manage connect --winsync
--binddn cn=administrator,cn=users,dc=prattle,dc=com --bindpw
X9deiX9dei --passsync X9deiX9dei --cacert
On 01/02/2014 07:38 AM, Andrew Holway wrote:
I have gotten a little further along with this but am having problems
connecting to the AD LDAP.
[r...@ipa.wibble.com cacerts]# ipa-replica-manage connect --winsync
--binddn cn=administrator,cn=users,dc=prattle,dc=com --bindpw
X9deiX9dei
I have taken out the winsync.
[r...@ipa.wibble.com ~]# ipa-replica-manage connect --binddn
cn=administrator,cn=users,dc=prattle,dc=com --bindpw pa$$ --passsync
pa$$ --cacert /etc/openldap/cacerts/prattle.crt
win-5uglhak7rin.prattle.com. -vvv
Added CA certificate /etc/openldap/cacerts/prattle.crt
On 01/02/2014 12:07 PM, Andrew Holway wrote:
I have taken out the winsync.
[r...@ipa.wibble.com ~]# ipa-replica-manage connect --binddn
cn=administrator,cn=users,dc=prattle,dc=com --bindpw pa$$ --passsync
pa$$ --cacert /etc/openldap/cacerts/prattle.crt
win-5uglhak7rin.prattle.com. -vvv
I turned off all the AD processed on my windows domain controller.
The error did not change.
On 2 January 2014 17:07, Andrew Holway andrew.hol...@gmail.com wrote:
I have taken out the winsync.
[r...@ipa.wibble.com ~]# ipa-replica-manage connect --binddn
You are still setting up a replication agreement not a trust.
Oh, I am following the redhat documentation here:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/managing-sync-agmt.html
This seems to indicate that the directory server
On Thu, 2014-01-02 at 19:12 +, Andrew Holway wrote:
You are still setting up a replication agreement not a trust.
Oh, I am following the redhat documentation here:
As for AD users we need to look at the client and see what is going on
there. What is your client? Version and component? Is it using latest SSSD?
If not additional steps might be needed. Please provide the details
about the clients. Please start with trying AD users on the IPA server
itself,
Sorry, I forgot this. It works fine for the wibble.com linux domain.
[r...@ipa.wibble.com log]# ldapsearch -x -ZZ -H ldap://localhost -b
dc=prattle,dc=com
# extended LDIF
#
# LDAPv3
# base dc=prattle,dc=com with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 3
Hello,
I am attempting to set up trust between my test freeipa server at
ipa.wibble.com. and my test AD server at win-5uglhak7rin.prattle.com.
In the GUI I can see the following in Trusts ยป prattle.com.
Realm name: prattle.com
Domain NetBIOS name: PRATTLE
Domain Security Identifier:
22 matches
Mail list logo