<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> <style type="text/css" id="owaParaStyle" style="">  P {margin-top:0;margin-bottom:0;}</style> </head> <body dir="ltr" tabindex="0" id="" fpstyle="1" aria-label="Message body"> <div name="divtagdefaultwrapper" id="divtagdefaultwrapper" style="font-family: Calibri,Arial,Helvetica,sans-serif; font-size: 12pt; color: #000000; margin: 0"> <font size="3">I'm in the midst of setting up a trust with FreeIPA and Active Directory and am receiving the following error: </font> <div style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;"> <br> </div> <div style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;"> <div># ipa trust-add --type=ad ad.example.com --admin 'mwhanley' --password</div> <div>Active directory domain administrator's password: </div> <div><br> </div> <div>ipa: ERROR: Cannot find specified domain or server name</div> </div> <div style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;"> <br> </div> <div style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;"> The FreeIPA server is running Fedora release 20, version 3.3.3-4 of FreeIPA and I have turned on debugging and get the following:</div> <div style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;"> <br> </div> <div style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;"> <div>ps [Wed Apr 02 10:20:53.766064 2014] [:error] [pid 32522] ipa: INFO: admin@ipaexample.com<span style="font-size:12pt">: trust_add(u'ad.example.com', trust_type=u'ad', realm_admin=u'mwhanley', realm</span><span style="font-size:12pt">_passwd=u'********', all=False, raw=False, version=u'2.65'): NotFound</span></div> <div><span style="font-size: 12pt;">[Wed Apr 02 10:21:29.635077 2014] [:error] [pid 32521] ipa: INFO: admin@ipaexample.com</span><span style="font-size: 12pt;">: idrange_find(None, all=False, raw=False, version=u'2.65', pkey_only=False): </span><span style="font-size: 12pt;">SUCCESS</span></div> <div>INFO: Current debug levels:</div> <div> all: 11</div> <div> tdb: 11</div> <div> printdrivers: 11</div> <div> lanman: 11</div> <div> smb: 11</div> <div> rpc_parse: 11</div> <div> rpc_srv: 11</div> <div> rpc_cli: 11</div> <div> passdb: 11</div> <div> sam: 11</div> <div> auth: 11</div> <div> winbind: 11</div> <div> vfs: 11</div> <div> idmap: 11</div> <div> quota: 11</div> <div> acls: 11</div> <div> locking: 11</div> <div> msdfs: 11</div> <div> dmapi: 11</div> <div> registry: 11</div> <div> scavenger: 11</div> <div> dns: 11</div> <div> ldb: 11</div> <div>pm_process() returned Yes</div> <div>Using binding ncacn_np:host.ipaexample.com[,]</div> <div>Mapped to DCERPC endpoint \pipe\lsarpc</div> <div>added interface eth0 ip=xxx.xxx.xxx.xxx bcast=xxx.xxx.xxx.xxx netmask=255.255.255<span style="font-size: 12pt;">.0</span></div> <div>added interface eth0 ip=xxx.xxx.xxx.xxx bcast=xxx.xxx.xxx.xxx netmask=255.255.255<span style="font-size: 12pt;">.0</span></div> <div>Socket options:</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_KEEPALIVE = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_REUSEADDR = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_BROADCAST = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>TCP_NODELAY = 1</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>TCP_KEEPCNT = 9</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>TCP_KEEPIDLE = 7200</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>TCP_KEEPINTVL = 75</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>IPTOS_LOWDELAY = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>IPTOS_THROUGHPUT = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_REUSEPORT = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_SNDBUF = 663750</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_RCVBUF = 265452</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_SNDLOWAT = 1</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_RCVLOWAT = 1</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_SNDTIMEO = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>SO_RCVTIMEO = 0</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>TCP_QUICKACK = 1</div> <div><span class="Apple-tab-span" style="white-space:pre"></span>TCP_DEFER_ACCEPT = 0</div> <div>Starting GENSEC mechanism spnego</div> <div>Starting GENSEC submechanism gssapi_krb5</div> <div>Ticket in credentials cache for admin@ipaexample.com will expire in 84015 secs</div> <div>gensec_gssapi: NO credentials were delegated</div> <div>GSSAPI Connection will be cryptographically sealed</div> <div><br> </div> <div><span style="font-size: 12pt;">I've also done an "ipactl restart" to no avail. Any help would be appreciated.</span></div> <div><span style="font-size: 12pt;"><br> </span></div> <div><span style="font-size: 12pt;">-Matt</span></div> <div><span style="font-size: 12pt;"><br> </span></div> <div><span style="font-size: 12pt;"><br> </span></div> <div><span style="font-size: 12pt;">Matthew Hanley</span></div> <div><span style="font-size: 12pt;">IT Analyst</span></div> <div><span style="font-size: 12pt;">Syracuse University</span></div> <div><span style="font-size: 12pt;">mwhanley@syr.edu</span></div> </div> </div> </body> </html>