[Freeipa-users] AD trust showing offline after reboot

Sumit Bose sbose at redhat.com
Tue May 20 08:08:34 UTC 2014 

On Tue, May 20, 2014 at 01:17:42PM +0530, Supratik Goswami wrote:
> PFA

somewhat switched the log level back to 1

  doing parameter log level = 1


can you check that 'net conf list' shows 'log level 10', if not please
set it with

net conf setparm 'log level' 10

bye,
Sumit

> 
> 
> 
> 
> On Tue, May 20, 2014 at 12:38 PM, Sumit Bose <sbose at redhat.com> wrote:
> 
> > On Mon, May 19, 2014 at 05:40:49PM +0530, Supratik Goswami wrote:
> > > Initially after configuring the setup I rebooted once and I was thinking
> > > that it worked before the reboot but unfortunately it didn't work the
> > first
> > > time itself.
> > >
> > > Still failing after running the commands.
> > >
> > > [root at ipaserver ~]# net conf setparm global "client min protocol"
> > smb2_02
> > > [root at ipaserver ~]# net conf setparm global "client max protocol"
> > smb2_02
> > > [root at ipaserver ~]# service winbind restart
> > >
> > > Shutting down Winbind services:                            [  OK  ]
> > > Starting Winbind services:                                 [  OK  ]
> > >
> > > [root at ipaserver ~]# wbinfo -n 'ADDOMAIN\Domain Admins'
> > > failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
> > > Could not lookup name ADDOMAIN\Domain Admins
> > >
> > > [root at ipaserver ~]# wbinfo -u
> > > [root at ipaserver ~]#
> > >
> > > The issue is reproducible every time if anyone follows the steps as I
> > have
> > > done.
> > >
> >
> > It would be nice if you can send a second round of log files. Please
> > stop winbind, remove all *winbind* and *wb* log files in /var/log/samba,
> > make sure 'log level' is 10 or higher,
> > start winbind, call 'wbinfo -n 'ADDOMAIN\Domain Admins', stop winbind,
> > put all *winbind* and *wb* log files in a tar/zip archive and send the
> > archive. If you think the archive is too large for a mailing-list fell
> > free to send them to me directly.
> >
> > bye,
> > Sumit
> > >
> > > On Mon, May 19, 2014 at 4:45 PM, Sumit Bose <sbose at redhat.com> wrote:
> > >
> > > > On Mon, May 19, 2014 at 04:29:24PM +0530, Supratik Goswami wrote:
> > > > > Hi
> > > > >
> > > > > Let me start from the beginning once again. Let me explain you what
> > > > steps I
> > > > > followed during the setup.
> > > > >
> > > > > I am setting up the environment in Amazon AWS, both Windows AD
> > server and
> > > > > Linux IPA configured in EC2.
> > > > > For configuring Windows 2008 I selected
> > > > > Windows_Server-2008-R2_SP1-English-64Bit-Base-2014.04.09
> > (ami-df8e93b6)
> > > > > and for configuring IPA server I selected CentOS 6.5 (x86_64) -
> > Release
> > > > > Media (ami-8997afe0).
> > > > >
> > > > > I followed the steps from
> > > > > http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup and also
> > kept the
> > > > > domain names
> > > > > similar as in the example.
> > > > >
> > > > > IPA server hostname: ipaserver
> > > > > IPA domain:          ipadomain.example.com
> > > > > IPA NetBIOS:         IPADOMAIN
> > > > >
> > > > > AD DC hostname:      adserver
> > > > > AD domain:           addomain.example.com
> > > > > AD NetBIOS:          ADDOMAIN
> > > > >
> > > > >
> > > > > 1. Updated the system and install the packages.
> > > > >
> > > > > # yum update -y
> > > > > # yum install -y "*ipa-server" "*ipa-server-trust-ad"
> > > > > samba4-winbind-clients samba4-winbind samba4-client bind
> > bind-dyndb-ldap
> > > > >
> > > > > List of important packages installed during the update are as
> > follows.
> > > > >
> > > > >  bind                    x86_64  32:9.8.2-0.23.rc1.el6_5.1
> > > > >  bind-dyndb-ldap         x86_64  2.3-5.el6
> > > > >
> > > > >  ipa-server              x86_64  3.0.0-37.el6
> > > > >  ipa-server-trust-ad     x86_64  3.0.0-37.el6
> > > > >  ipa-admintools          x86_64  3.0.0-37.el6
> > > > >  ipa-client              x86_64  3.0.0-37.el6
> > > > >  ipa-pki-ca-theme        noarch  9.0.3-7.el6
> > > > >  ipa-pki-common-theme    noarch  9.0.3-7.el6
> > > > >  ipa-python              x86_64  3.0.0-37.el6
> > > > >  ipa-server-selinux      x86_64  3.0.0-37.el6
> > > > >
> > > > >  samba4-client           x86_64  4.0.0-61.el6_5.rc4
> > > > >  samba4-winbind          x86_64  4.0.0-61.el6_5.rc4
> > > > >  samba4-winbind-clients  x86_64  4.0.0-61.el6_5.rc4
> > > > >  samba4                  x86_64  4.0.0-61.el6_5.rc4
> > > > >  samba4-common           x86_64  4.0.0-61.el6_5.rc4
> > > > >  samba4-libs             x86_64  4.0.0-61.el6_5.rc4
> > > > >  samba4-python           x86_64  4.0.0-61.el6_5.rc4
> > > >
> > > > ah, sorry, I this might be a known issue, but I got on a wrong track
> > > > because I thought it was working initially and only failed after
> > reboot.
> > > >
> > > > Please try to set "client min protocol" and "client max protocol" in
> > the
> > > > samba configuration:
> > > >
> > > > net conf setparm global "client min protocol" smb2_02
> > > > net conf setparm global "client max protocol" smb2_02
> > > >
> > > > restart winbind and try again.
> > > >
> > > > HTH
> > > >
> > > > bye,
> > > > Sumit
> > > >
> > > > >
> > > > >  389-ds-base             x86_64  1.2.11.15-32.el6_5
> > > > >  389-ds-base-libs        x86_64  1.2.11.15-32.el6_5
> > > > >
> > > > >  certmonger              x86_64  0.61-3.el6
> > > > >
> > > > >  krb5-server             x86_64  1.10.3-15.el6_5.1
> > > > >  krb5-workstation        x86_64  1.10.3-15.el6_5.1
> > > > >
> > > > >  sssd                    x86_64  1.9.2-129.el6_5.4
> > > > >  sssd-client             x86_64  1.9.2-129.el6_5.4
> > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Warm Regards
> > >
> > > Supratik
> >
> 
> 
> 
> -- 
> Warm Regards
> 
> Supratik

More information about the Freeipa-users mailing list