On 1.4.2015 13:16, Ben .T.George wrote:
> HI
>
> i have installed latest FreeIPA 4.1.4 on RHEL 7.1
>
> My DNS is working fine. I am getting good response
>
> [root@kwtprsolipa01 ~]# for i in _ldap._tcp _kerberos._tcp _kerberos._udp
> _kerberos-master._tcp _kerberos-master._udp _ntp._udp; do echo ""; dig
> @mha.local ${i}.SUN.LOCAL srv +nocmd +noquestion +nocomments +nostats +noaa
> +noadditional +noauthority; done | egrep -v "^;" | egrep _
> _ldap._tcp.SUN.LOCAL. 86398 IN SRV 0 100 389
> kwtprsolipa01.sun.local.
> _kerberos._tcp.SUN.LOCAL. 86398 IN SRV 0 100 88
> kwtprsolipa01.sun.local.
> _kerberos._udp.SUN.LOCAL. 84696 IN SRV 0 100 88
> kwtprsolipa01.sun.local.
> _kerberos-master._tcp.SUN.LOCAL. 84699 IN SRV 0 100 88
> kwtprsolipa01.sun.local.
> _kerberos-master._udp.SUN.LOCAL. 86398 IN SRV 0 100 88
> kwtprsolipa01.sun.local.
> _ntp._udp.SUN.LOCAL.86398 IN SRV 0 100 123
> kwtprsolipa01.sun.local.
>
> and ad domain is pining from IPA server.
>
> [root@kwtprsolipa01 ~]# dig SRV _ldap._tcp.mha.local
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-20.el7.centos.pkcs11 <<>> SRV
> _ldap._tcp.mha.local
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44181
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 6
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4000
> ;; QUESTION SECTION:
> ;_ldap._tcp.mha.local. IN SRV
>
> ;; ANSWER SECTION:
> _ldap._tcp.mha.local. 600 IN SRV 0 100 389
> rusmosprdc002.mha.local.
> _ldap._tcp.mha.local. 600 IN SRV 0 100 389
> kwtprdc002.mha.local.
> _ldap._tcp.mha.local. 600 IN SRV 0 100 389
> dxbprdc002.mha.local.
> _ldap._tcp.mha.local. 600 IN SRV 0 100 389
> kwtprdc001.mha.local.
> _ldap._tcp.mha.local. 600 IN SRV 0 100 389
> dxbprdc001.mha.local.
>
> ;; ADDITIONAL SECTION:
> rusmosprdc002.mha.local. 3600 IN A 192.168.115.42
> kwtprdc002.mha.local. 3600IN A 172.16.98.171
> dxbprdc002.mha.local. 3600IN A 10.10.10.10
> kwtprdc001.mha.local. 3600IN A 172.16.100.180
> dxbprdc001.mha.local. 3600IN A 10.10.10.11
>
> ;; Query time: 0 msec
> ;; SERVER: 172.16.100.180#53(172.16.100.180)
> ;; WHEN: Wed Apr 01 13:58:24 AST 2015
> ;; MSG SIZE rcvd: 332
>
>
>
> [root@kwtprsolipa01 ~]# dig SRV _ldap._tcp.sun.local
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-20.el7.centos.pkcs11 <<>> SRV
> _ldap._tcp.sun.local
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63551
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4000
> ;; QUESTION SECTION:
> ;_ldap._tcp.sun.local. IN SRV
>
> ;; ANSWER SECTION:
> _ldap._tcp.sun.local. 84509 IN SRV 0 100 389
> kwtprsolipa01.sun.local.
>
> ;; ADDITIONAL SECTION:
> kwtprsolipa01.sun.local. 182IN A 172.16.99.99
>
> ;; Query time: 0 msec
> ;; SERVER: 172.16.100.180#53(172.16.100.180)
> ;; WHEN: Wed Apr 01 13:58:31 AST 2015
> ;; MSG SIZE rcvd: 108
>
>
> all result was as expected and i was following the excat steps from quick
> start page.
>
> but when i try to create trust, i am getting
>
> "ipa: ERROR: Cannot find specified domain or server name"
>
>
> please help me to solve this
Please follow
http://www.freeipa.org/page/Active_Directory_trust_setup#Debugging_trust
... and send us results and logs.
--
Petr^2 Spacek
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
