[Freeipa-users] Freeipa 4 and AD
I’m having issues with getting my RHEL 7 server running Freeipa 4 to join my Windows 2012R2 domain. DNS checks out fine. When I try to establish the join I get the below listed errors popping up. I’ve tried both creating the trust from Freeipa and just this morning I setup the trust on the AD side and tried to use the —trust-secret option. There are no firewalls between them, but they are on different subnets. Any help would be great. This is holding up a project and I’m not able to figure out what’s going on. Thanks in advance. finddcs: Skipping DC 10.32.145.134 with server_type=0xf17c - required 0x0119 finddcs: No matching CLDAP server found [Wed Apr 08 12:39:48.359684 2015] [:error] [pid 8402] ipa: INFO: [jsonserver_session] ad...@preprod.fioptics.int mailto:ad...@preprod.fioptics.int: trust_add(u'fioptics.int', http://trust_add%28u%27fioptics.int%27%2c/ trust_type=u'ad', realm_server=u'ppad01', trust_secret=u'', all=False, raw=False, version=u'2.114'): NotFound Regards, -- Aric Wilisch awili...@gmail.com -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Freeipa 4 and AD
On Wed, 08 Apr 2015, Aric Wilisch wrote: I’m having issues with getting my RHEL 7 server running Freeipa 4 to join my Windows 2012R2 domain. DNS checks out fine. When I try to establish the join I get the below listed errors popping up. I’ve tried both creating the trust from Freeipa and just this morning I setup the trust on the AD side and tried to use the —trust-secret option. There are no firewalls between them, but they are on different subnets. Any help would be great. This is holding up a project and I’m not able to figure out what’s going on. Thanks in advance. finddcs: Skipping DC 10.32.145.134 with server_type=0xf17c - required 0x0119 You need to establish trust using a PDC of the forest root domain. Your DC is not a PDC (lacks bit 1 in the server type), thus it is not possible to establish cross-forest trust. This is Active Directory requirement. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Freeipa 4 and AD
On 04/08/2015 12:42 PM, Aric Wilisch wrote: I'm having issues with getting my RHEL 7 server running Freeipa 4 to join my Windows 2012R2 domain. DNS checks out fine. When I try to establish the join I get the below listed errors popping up. I've tried both creating the trust from Freeipa and just this morning I setup the trust on the AD side and tried to use the ---trust-secret option. There are no firewalls between them, but they are on different subnets. Any help would be great. This is holding up a project and I'm not able to figure out what's going on. Thanks in advance. finddcs: Skipping DC 10.32.145.134 with server_type=0xf17c - required 0x0119 finddcs: No matching CLDAP server found [Wed Apr 08 12:39:48.359684 2015] [:error] [pid 8402] ipa: INFO: [jsonserver_session] ad...@preprod.fioptics.int mailto:ad...@preprod.fioptics.int: trust_add(u'fioptics.int', http://trust_add%28u%27fioptics.int%27%2C/trust_type=u'ad', realm_server=u'ppad01', trust_secret=u'', all=False, raw=False, version=u'2.114'): NotFound Regards, -- Aric Wilisch awili...@gmail.com mailto:awili...@gmail.com It seems that IPA could not detect the valid AD DC. What is the version and the type of the DC with mentioned IP? Is it a primary DC? If not where is the primary one? -- Thank you, Dmitri Pal Sr. Engineering Manager IdM portfolio Red Hat, Inc. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project