<html dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <style type="text/css" id="owaParaStyle"></style> </head> <body fpstyle="1" ocsi="0"> <div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">Hi, <div><br> </div> <div>Probably there are better ways to solve this issue but the way that works for me is to validate the trust from the AD side after a reboot of the IPA Server - it always shows as offline for me too. On 2012 Server you can do this through Active Directory Domains and Trusts - properties on your domain and go to trust tab - properties again. Next you press validate on the General tab. AD will ask for authentication but that can be skipped.</div> <div>AD Trust will be back online right away and you can check it through wbinfo --online-status.</div> <div><br> </div> <div>Probably the procedure are similar on Server 2008.</div> <div><br> </div> <div>Johan<br> <div style="font-family: Times New Roman; color: #000000; font-size: 16px"> <hr tabindex="-1"> <div id="divRpF907958" style="direction: ltr;"><font face="Tahoma" size="2" color="#000000"><b>From:</b> freeipa-users-bounces@redhat.com [freeipa-users-bounces@redhat.com] on behalf of Mark Gardner [maleko42@gmail.com]<br> <b>Sent:</b> Friday, June 27, 2014 20:23<br> <b>To:</b> freeipa-users<br> <b>Subject:</b> [Freeipa-users] Help: Rebooted IPA server and AD Trust shows offline<br> </font><br> </div> <div></div> <div> <div dir="ltr">Was trying to add an external ad group to IPA, it kept failing with unable to connect to server. <div><br> </div> <div>Figured I'd reboot to clear things up. Oops.</div> <div><br> </div> <div>Now wbinfo --online-status shows are AD as offline.</div> <div>wbinfo -u shows blank</div> <div><br> </div> <div>wbinfo -n 'DOMAIN\user' gives the following message:</div> <div><br> </div> <div>failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND<br> </div> <div>could not lookup 'Domain\user'</div> <div><br> </div> <div>I saw a similar post in the freeipa-users archive about adding</div> <div> <div> client min protocol = CORE</div> <div> client max protocol = SMB2_02</div> </div> <div>to the samba config; restarted winbind and still getting errors</div> <div><br> </div> <div>FreeIPA 3.0<br> Windows 2008 R2.</div> <div><br> </div> </div> </div> </div> </div> </div> <font face="Times New Roman" size="3"> </font><p class="MsoNormal" style="margin: 0cm 0cm 0pt;"><em><span lang="EN-GB" style='color: #333333; font-family: "Arial","sans-serif"; font-size: 8pt; mso-ansi-language: EN-GB;'>This e-mail is private and confidential between the sender and the addressee. <o:p></o:p></span></em></p><font face="Times New Roman" size="3"> </font><p class="MsoNormal" style="margin: 0cm 0cm 0pt;"><em><span lang="EN-GB" style='color: #333333; font-family: "Arial","sans-serif"; font-size: 8pt; mso-ansi-language: EN-GB;'>In the event of misdirection, the recipient is prohibited from using, copying or <o:p></o:p></span></em></p><font face="Times New Roman" size="3"> </font><p class="MsoNormal" style="margin: 0cm 0cm 0pt;"><em><span lang="EN-GB" style='color: #333333; font-family: "Arial","sans-serif"; font-size: 8pt; mso-ansi-language: EN-GB;'>disseminating it or any information in it. Please notify the above if any misdirection.</span></em><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p><font face="Times New Roman" size="3"> </font></body> </html>