[Freeipa-users] ipa AD trust issue
Alexander Bokovoy
abokovoy at redhat.com
Thu Jan 23 20:17:01 UTC 2014
On Thu, 23 Jan 2014, Zulkifal Ahmad wrote:
>Hi , In reference to the following thread, I already have an entry for AD sever in the /etc/hosts file of ipaserver but the issue still remains. Both my DNS servers are resolving the records from the opposite side. Any other suggestionsto remove this error ?
>
>root at ipaserver <mailto:root at ipaserver># ipa trust-add --type=ad
> adexample.com --admin Administrator --password
>
>
>ipa: ERROR: CIFS server communication error: code "-1073741801",
>message "Memory allocation error" (both may be "None")
Add 'log level = 100' to /usr/share/ipa/smb.conf.empty in [global]
section and try again.
You'll get SMB traffic debugging in /var/log/httpd/error_log.
Adding and removing 'log level = 100' to /usr/share/ipa/smb.conf.empty
does not require restarting httpd.
>
>
>
>Thanks
>
>Zulkifal Ahmad
>
>
>
>
>On 01/17/2014 06:29 PM, Zulkifal Ahmad wrote:
>> Hi List , Just wanted to find out if anyone has setup an ipa-AD trust
>> successfully, According to the instructions in the following link
>> https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/trust-ipa-subdomain.html
>> everything went well until I hit the point where I had to check the
>> samba configuration, by typing the command
>> root at ipaserver <mailto:root at ipaserver># smbclient -L
>> ipaserver.ipaexample.com -k
>> smbclient: command not found
>> and similar for
>> root at ipaserver <mailto:root at ipaserver># wbinfo --online-status
>> wbinfo: command not found
>>
>> I am pretty sure that the command "ipa-trust-install" command did
>> install samba4 packages as dependencies, anyways I thought these
>> packages were not necessary and went forward until I got really stuck
>> when I typed the command .
>> root at ipaserver <mailto:root at ipaserver># ipa trust-add --type=ad
>> adexample.com --admin Administrator --password
>> This gave me a very cruel message
>> ipa: ERROR: CIFS server communication error: code "-1073741801",
>> message "Memory allocation error" (both may be "None")
>> If its this bug " https://bugzilla.redhat.com/show_bug.cgi?id=878168 "
>
>Yes. The solution is:
>
>If configured, the Active Directory (AD) DNS server returns IPv4 and
>IPv6 addresses of an AD server. If the FreeIPA server cannot connect to
>the AD server with an IPv6 address, running the ipa trust-add command
>will fail even if it would be possible to use IPv4. To work around this
>problem, add the IPv4 address of the AD server to the /etc/hosts file.
>In this case, the FreeIPA server will use only the IPv4 address and
>executing ipa trust-add will be successful.
>
>> has anyone worked it out. Secondly cifs-utils has dependency on samba3
>> packages and ipa-ad-trust needs samba4 but samba3 and samba4 don't
>> like each other , so this is the story of my experience with ipa. Any
>> suggestions ?
>
>Why do you need cifs-utils on the same server?
>cifs-utils to make a system a client to MSFT file server, AFAIU you cant
>make IPA server to be a cifs client.
>
>SSSD 1.12 (in works) if going to be capable to work with cifs-utils
>instead of samba winbind thus the limitation will be lifted.
>
>
>> My ipa server server OS : CentOS 6.5
>> ipa server version : 3
>> Active directory: server 2008 R2 Standard
>>
>> Thank you
>> */ Best Regards/*
>> //
>> /Sahibzada .Z. Ahmad/
>> /System Administrator/*
>> *
>
>
> Best Regards
>
>Sahibzada .Z. Ahmad
>System Administrator
>cell: 1(678)267-0265 (US)
>cell: 1(647)339-5434 (Canada)
>
>
>
>
>
>
>
>
>
>_______________________________________________
>Freeipa-users mailing list
>Freeipa-users at redhat.com
>https://www.redhat.com/mailman/listinfo/freeipa-users
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list