[Freeipa-users] testing AD trust on Fedora 18
John Dennis
jdennis at redhat.com
Wed Dec 19 18:27:54 UTC 2012
On 12/19/2012 01:10 PM, Andre Rodrigues wrote:
> Thank you all for the answers..
> I noticed that I had installed freeipa with incorrect parameters, so I
> reinstalled freeipa and I think now default.conf is correct.
> answering some questions:
>
> On 12/18/2012, John Dennis wrote:
>> Please provide the contents of /etc/ipa/default.conf.
> [root at mtest ~]# more /etc/ipa/default.conf
> [global]
> host=mtest.unicamp.br
> basedn=dc=ipa,dc=unicamp,dc=br
> realm=IPA.UNICAMP.BR
> domain=ipa.unicamp.br
> xmlrpc_uri=https://mtest.unicamp.br/ipa/xml
> ldap_uri=ldapi://%2fvar%2frun%2fslapd-IPA-CCUEC-UNICAMP-BR.socket
> enable_ra=True
> mode=production
>
>> Do you have a .ipa/default.conf file set? If so that overrides the values in /etc/ipa/default.conf. If you have that as well please provide that as well.
> No
>
> On 12/19/2012, Petr Spacek wrote:
>> John, could it be related to LANG environment variable? Is the parser sensitive to LANG/other variables?
>> Andre, could you post output from "echo $LANG", please? (Logged in as user which ran IPA commands.) -- Petr^2 Spacek
> yes it could be...
> [root at mtest ~]# echo $LANG
> pt_BR.UTF-8
Thank you, this is a bug in the cookie handling that only shows up with
non-English locales. We already have a patch for it.
https://fedorahosted.org/freeipa/ticket/3313
>
> On 12/19/2012, Sumit Bose wrote:
>> Andre, as a workaround until the packages are fixed please call
>>
>> yum install m2crypto
>> service httpd restart
>>
>> HTH
> Thanks Sumit! The error with ad-trust package is not returned to me.
> Now it seems that the problem is with the DNS settings of AD domain:
>
> ipa: ERROR: Unable to resolve domain controller for 'adtest.unicamp.br' domain.
> Additional instructions:
> IPA manages DNS, please verify your DNS configuration and make sure
> that service records of the 'adtest.unicamp.br' domain can be
> resolved. Examples how to configure DNS with CLI commands or the Web
> UI can be found in the documentation.
>
> but I think I will solve it quickly.
>
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list