[Freeipa-users] AD trust showing offline after reboot
Sumit Bose
sbose at redhat.com
Tue May 20 08:08:34 UTC 2014
On Tue, May 20, 2014 at 01:17:42PM +0530, Supratik Goswami wrote:
> PFA
somewhat switched the log level back to 1
doing parameter log level = 1
can you check that 'net conf list' shows 'log level 10', if not please
set it with
net conf setparm 'log level' 10
bye,
Sumit
>
>
>
>
> On Tue, May 20, 2014 at 12:38 PM, Sumit Bose <sbose at redhat.com> wrote:
>
> > On Mon, May 19, 2014 at 05:40:49PM +0530, Supratik Goswami wrote:
> > > Initially after configuring the setup I rebooted once and I was thinking
> > > that it worked before the reboot but unfortunately it didn't work the
> > first
> > > time itself.
> > >
> > > Still failing after running the commands.
> > >
> > > [root at ipaserver ~]# net conf setparm global "client min protocol"
> > smb2_02
> > > [root at ipaserver ~]# net conf setparm global "client max protocol"
> > smb2_02
> > > [root at ipaserver ~]# service winbind restart
> > >
> > > Shutting down Winbind services: [ OK ]
> > > Starting Winbind services: [ OK ]
> > >
> > > [root at ipaserver ~]# wbinfo -n 'ADDOMAIN\Domain Admins'
> > > failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
> > > Could not lookup name ADDOMAIN\Domain Admins
> > >
> > > [root at ipaserver ~]# wbinfo -u
> > > [root at ipaserver ~]#
> > >
> > > The issue is reproducible every time if anyone follows the steps as I
> > have
> > > done.
> > >
> >
> > It would be nice if you can send a second round of log files. Please
> > stop winbind, remove all *winbind* and *wb* log files in /var/log/samba,
> > make sure 'log level' is 10 or higher,
> > start winbind, call 'wbinfo -n 'ADDOMAIN\Domain Admins', stop winbind,
> > put all *winbind* and *wb* log files in a tar/zip archive and send the
> > archive. If you think the archive is too large for a mailing-list fell
> > free to send them to me directly.
> >
> > bye,
> > Sumit
> > >
> > > On Mon, May 19, 2014 at 4:45 PM, Sumit Bose <sbose at redhat.com> wrote:
> > >
> > > > On Mon, May 19, 2014 at 04:29:24PM +0530, Supratik Goswami wrote:
> > > > > Hi
> > > > >
> > > > > Let me start from the beginning once again. Let me explain you what
> > > > steps I
> > > > > followed during the setup.
> > > > >
> > > > > I am setting up the environment in Amazon AWS, both Windows AD
> > server and
> > > > > Linux IPA configured in EC2.
> > > > > For configuring Windows 2008 I selected
> > > > > Windows_Server-2008-R2_SP1-English-64Bit-Base-2014.04.09
> > (ami-df8e93b6)
> > > > > and for configuring IPA server I selected CentOS 6.5 (x86_64) -
> > Release
> > > > > Media (ami-8997afe0).
> > > > >
> > > > > I followed the steps from
> > > > > http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup and also
> > kept the
> > > > > domain names
> > > > > similar as in the example.
> > > > >
> > > > > IPA server hostname: ipaserver
> > > > > IPA domain: ipadomain.example.com
> > > > > IPA NetBIOS: IPADOMAIN
> > > > >
> > > > > AD DC hostname: adserver
> > > > > AD domain: addomain.example.com
> > > > > AD NetBIOS: ADDOMAIN
> > > > >
> > > > >
> > > > > 1. Updated the system and install the packages.
> > > > >
> > > > > # yum update -y
> > > > > # yum install -y "*ipa-server" "*ipa-server-trust-ad"
> > > > > samba4-winbind-clients samba4-winbind samba4-client bind
> > bind-dyndb-ldap
> > > > >
> > > > > List of important packages installed during the update are as
> > follows.
> > > > >
> > > > > bind x86_64 32:9.8.2-0.23.rc1.el6_5.1
> > > > > bind-dyndb-ldap x86_64 2.3-5.el6
> > > > >
> > > > > ipa-server x86_64 3.0.0-37.el6
> > > > > ipa-server-trust-ad x86_64 3.0.0-37.el6
> > > > > ipa-admintools x86_64 3.0.0-37.el6
> > > > > ipa-client x86_64 3.0.0-37.el6
> > > > > ipa-pki-ca-theme noarch 9.0.3-7.el6
> > > > > ipa-pki-common-theme noarch 9.0.3-7.el6
> > > > > ipa-python x86_64 3.0.0-37.el6
> > > > > ipa-server-selinux x86_64 3.0.0-37.el6
> > > > >
> > > > > samba4-client x86_64 4.0.0-61.el6_5.rc4
> > > > > samba4-winbind x86_64 4.0.0-61.el6_5.rc4
> > > > > samba4-winbind-clients x86_64 4.0.0-61.el6_5.rc4
> > > > > samba4 x86_64 4.0.0-61.el6_5.rc4
> > > > > samba4-common x86_64 4.0.0-61.el6_5.rc4
> > > > > samba4-libs x86_64 4.0.0-61.el6_5.rc4
> > > > > samba4-python x86_64 4.0.0-61.el6_5.rc4
> > > >
> > > > ah, sorry, I this might be a known issue, but I got on a wrong track
> > > > because I thought it was working initially and only failed after
> > reboot.
> > > >
> > > > Please try to set "client min protocol" and "client max protocol" in
> > the
> > > > samba configuration:
> > > >
> > > > net conf setparm global "client min protocol" smb2_02
> > > > net conf setparm global "client max protocol" smb2_02
> > > >
> > > > restart winbind and try again.
> > > >
> > > > HTH
> > > >
> > > > bye,
> > > > Sumit
> > > >
> > > > >
> > > > > 389-ds-base x86_64 1.2.11.15-32.el6_5
> > > > > 389-ds-base-libs x86_64 1.2.11.15-32.el6_5
> > > > >
> > > > > certmonger x86_64 0.61-3.el6
> > > > >
> > > > > krb5-server x86_64 1.10.3-15.el6_5.1
> > > > > krb5-workstation x86_64 1.10.3-15.el6_5.1
> > > > >
> > > > > sssd x86_64 1.9.2-129.el6_5.4
> > > > > sssd-client x86_64 1.9.2-129.el6_5.4
> > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Warm Regards
> > >
> > > Supratik
> >
>
>
>
> --
> Warm Regards
>
> Supratik
More information about the Freeipa-users
mailing list