Re: [Freeipa-users] ipa trust-fetch-domains missing
Yes, since we're running it on Centos6 nodes in this case, the repos only have IPA 3.0 available...unless you know of a better repo that has the 3.3 stuff available ;) Thank you for the insight. -Chris On 8/24/16 2:17 PM, Alexander Bokovoy wrote: On Wed, 24 Aug 2016, Chris Moody wrote: Hello. Wanted to first take a quick moment to thank everyone for their contributions on making this such a slick packaging and integration of components. FreeIPA is a welcome systemthat has been needed for a LONG time. I'm running into some trouble in completing my AD-trust setup. I've followed the guide here: http://www.freeipa.org/page/Active_Directory_trust_setup but am not finding the command 'ipa trust-fetch-domains "ad_domain"'. What concerns me is the statement " With this command running successfuly, IPA will get information about trusted domains and will create all needed identity ranges for them." - does this imply that if this command is NOT run that the creation of the mentioned identity ranges does not occur? The following command in the guide (ipa trustdomain-find "ad_domain") also does not exist, but what appears to be a variant of it (ipa trust-find) does return these results: What FreeIPA version do you have? Sounds like FreeIPA 3.0.something. In FreeIPA 3.0 support for trust to AD was only taking off. Most of features were added in FreeIPA 3.3 and later, with FreeIPA 4.2 being most stable. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] ipa trust-fetch-domains missing
On Wed, 24 Aug 2016, Chris Moody wrote: Hello. Wanted to first take a quick moment to thank everyone for their contributions on making this such a slick packaging and integration of components. FreeIPA is a welcome systemthat has been needed for a LONG time. I'm running into some trouble in completing my AD-trust setup. I've followed the guide here: http://www.freeipa.org/page/Active_Directory_trust_setup but am not finding the command 'ipa trust-fetch-domains "ad_domain"'. What concerns me is the statement " With this command running successfuly, IPA will get information about trusted domains and will create all needed identity ranges for them." - does this imply that if this command is NOT run that the creation of the mentioned identity ranges does not occur? The following command in the guide (ipa trustdomain-find "ad_domain") also does not exist, but what appears to be a variant of it (ipa trust-find) does return these results: What FreeIPA version do you have? Sounds like FreeIPA 3.0.something. In FreeIPA 3.0 support for trust to AD was only taking off. Most of features were added in FreeIPA 3.3 and later, with FreeIPA 4.2 being most stable. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] ipa trust-fetch-domains missing
Hello. Wanted to first take a quick moment to thank everyone for their contributions on making this such a slick packaging and integration of components. FreeIPA is a welcome systemthat has been needed for a LONG time. I'm running into some trouble in completing my AD-trust setup. I've followed the guide here: http://www.freeipa.org/page/Active_Directory_trust_setup but am not finding the command 'ipa trust-fetch-domains "ad_domain"'. What concerns me is the statement " With this command running successfuly, IPA will get information about trusted domains and will create all needed identity ranges for them." - does this imply that if this command is NOT run that the creation of the mentioned identity ranges does not occur? The following command in the guide (ipa trustdomain-find "ad_domain") also does not exist, but what appears to be a variant of it (ipa trust-find) does return these results: = [root@ca1-infra-ipa1 ~]# ipa trust-find --- 1 trust matched --- Realm name: ad.X.com Domain NetBIOS name: AD Domain Security Identifier: S-1-5-21-754923713-4108838501-2041013861 Trust type: Active Directory domain Number of entries returned 1 = [root@ca1-infra-ipa1 ~]# ipa trust-show "ad.X.com" Realm name: ad.X.com Domain NetBIOS name: AD Domain Security Identifier: S-1-5-21-754923713-4108838501-2041013861 Trust direction: Two-way trust Trust type: Active Directory domain [root@ca1-infra-ipa1 ~]# = I'm just wanting to confirm whether or not the 'trust-fetch-domains' command that's listed in the guide is essential to complete the AD trust setup or if it's simply providing an informational output. Thanks, -Chris -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project