On Tue, Jan 07, 2014 at 08:51:49AM -0500, Simo Sorce wrote:
> On Tue, 2014-01-07 at 07:48 +0200, Alexander Bokovoy wrote:
> > On Fri, 03 Jan 2014, Simo Sorce wrote:
> > >On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
> > >> On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
> >
On Tue, 2014-01-07 at 07:48 +0200, Alexander Bokovoy wrote:
> On Fri, 03 Jan 2014, Simo Sorce wrote:
> >On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
> >> On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
> >> > /var/log/sssd/*
> >> > this is using bob@host (prattle.com is the
Andrew,
On Tue, 07 Jan 2014, Andrew Holway wrote:
At this point I need to know exact version of the samba package (samba4
if this is RHEL 6.x) to continue investigations with the exact source
code at hand.
[root@ipa ~]# rpm -qa | grep samba
samba4-libs-4.0.0-60.el6_5.rc4.x86_64
Thanks.
Can
> At this point I need to know exact version of the samba package (samba4
> if this is RHEL 6.x) to continue investigations with the exact source
> code at hand.
[root@ipa ~]# rpm -qa | grep samba
samba4-libs-4.0.0-60.el6_5.rc4.x86_64
___
Freeipa-users
On Fri, 03 Jan 2014, Simo Sorce wrote:
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
> /var/log/sssd/*
> this is using bob@host (prattle.com is the windows domain)
> https://gist.github.com/anonymous/ff817a251948ff58bdb1
>
>
On Fri, 03 Jan 2014, Andrew Holway wrote:
To generate the winbind logs on the server, can you do 'smbcontrol winbindd
debug 100', then request the trusted user. The winbind logs would be at
/var/log/samba/log.w*
I truncated all of the files in /var/log/samba and then make a single
login attempt
On Fri, Jan 03, 2014 at 02:05:58PM +, Andrew Holway wrote:
> >> To generate the winbind logs on the server, can you do 'smbcontrol winbindd
> >> debug 100', then request the trusted user. The winbind logs would be at
> >> /var/log/samba/log.w*
>
> I truncated all of the files in /var/log/samba
[r...@ipa.wibble.com ~]# wbinfo --all-domains
BUILTIN
WIBBLE
PRATTLE
[r...@ipa.wibble.com ~]# wbinfo --own-domain
WIBBLE
On 3 January 2014 15:06, Andrew Holway wrote:
>> or simply run wbinfo on the server to check winbindd can properly
>> retrieve users before moving back to testing on client.
>
> or simply run wbinfo on the server to check winbindd can properly
> retrieve users before moving back to testing on client.
[r...@ipa.wibble.com ~]# wbinfo -i b...@prattle.com
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user b...@prattle.com
Would this be an app
>> To generate the winbind logs on the server, can you do 'smbcontrol winbindd
>> debug 100', then request the trusted user. The winbind logs would be at
>> /var/log/samba/log.w*
I truncated all of the files in /var/log/samba and then make a single
login attempt. These are the files that were non
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
> On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
> > /var/log/sssd/*
> > this is using bob@host (prattle.com is the windows domain)
> > https://gist.github.com/anonymous/ff817a251948ff58bdb1
> >
> > this is using b...@prattle.c
On Fri, Jan 03, 2014 at 12:29:11PM +0100, Jakub Hrozek wrote:
> On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
> > /var/log/sssd/*
> > this is using bob@host (prattle.com is the windows domain)
> > https://gist.github.com/anonymous/ff817a251948ff58bdb1
> >
> > this is using b...@pr
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
> /var/log/sssd/*
> this is using bob@host (prattle.com is the windows domain)
> https://gist.github.com/anonymous/ff817a251948ff58bdb1
>
> this is using b...@prattle.com@host (prattle.com is the windows domain)
Thanks, these logs hav
Sorry, I forgot this. It works fine for the wibble.com linux domain.
[r...@ipa.wibble.com log]# ldapsearch -x -ZZ -H ldap://localhost -b
dc=prattle,dc=com
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 3
result: 32 No suc
> As for AD users we need to look at the client and see what is going on
> there. What is your client? Version and component? Is it using latest SSSD?
> If not additional steps might be needed. Please provide the details
> about the clients. Please start with trying AD users on the IPA server
> its
On 01/02/2014 02:12 PM, Andrew Holway wrote:
>> You are still setting up a replication agreement not a trust.
> Oh, I am following the redhat documentation here:
>
> https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/managing-sync-agmt.html
On Thu, 2014-01-02 at 19:12 +, Andrew Holway wrote:
> > You are still setting up a replication agreement not a trust.
>
> Oh, I am following the redhat documentation here:
>
> https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/managing
> You are still setting up a replication agreement not a trust.
Oh, I am following the redhat documentation here:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/managing-sync-agmt.html
> This seems to indicate that the directory serve
On 01/02/2014 12:07 PM, Andrew Holway wrote:
> I have taken out the winsync.
>
> [r...@ipa.wibble.com ~]# ipa-replica-manage connect --binddn
> cn=administrator,cn=users,dc=prattle,dc=com --bindpw pa$$ --passsync
> pa$$ --cacert /etc/openldap/cacerts/prattle.crt
> win-5uglhak7rin.prattle.com. -vvv
I turned off all the AD processed on my windows domain controller.
The error did not change.
On 2 January 2014 17:07, Andrew Holway wrote:
> I have taken out the winsync.
>
> [r...@ipa.wibble.com ~]# ipa-replica-manage connect --binddn
> cn=administrator,cn=users,dc=prattle,dc=com --bindpw pa$$
I have taken out the winsync.
[r...@ipa.wibble.com ~]# ipa-replica-manage connect --binddn
cn=administrator,cn=users,dc=prattle,dc=com --bindpw pa$$ --passsync
pa$$ --cacert /etc/openldap/cacerts/prattle.crt
win-5uglhak7rin.prattle.com. -vvv
Added CA certificate /etc/openldap/cacerts/prattle.crt
On 01/02/2014 07:38 AM, Andrew Holway wrote:
> I have gotten a little further along with this but am having problems
> connecting to the AD LDAP.
>
> [r...@ipa.wibble.com cacerts]# ipa-replica-manage connect --winsync
> --binddn cn=administrator,cn=users,dc=prattle,dc=com --bindpw
> X9deiX9dei --pa
I have gotten a little further along with this but am having problems
connecting to the AD LDAP.
[r...@ipa.wibble.com cacerts]# ipa-replica-manage connect --winsync
--binddn cn=administrator,cn=users,dc=prattle,dc=com --bindpw
X9deiX9dei --passsync X9deiX9dei --cacert
/etc/openldap/cacerts/prattle
23 matches
Mail list logo