[Freeipa-users] Unable to Login until Trust is Repaired

Dmitri Pal dpal at redhat.com
Thu Nov 13 16:18:48 UTC 2014 

On 11/13/2014 08:37 AM, Jonathan Bradford wrote:
> > 3.0 is a pretty old version, I mean a lot has changed in trust area 
> between 3.0 and 3.3.
> > Any chance you can use that?
> > What distro do you use?
> I'm not sure if I can use a newer version. I'm using RHEL Server 6.5. 
> I'm connected to a Satellite server, but it is a disconnected 
> Satellite not allowed on the internet. Satellite updates have to be 
> manually downloaded via .ISOs. The server has the most recent version 
> of RHEL 6 updates on it. The .ISOs and versions are found on Red Hat's 
> website here...
> https://www.redhat.com/wapps/sso/login.html?redirect=https%3A%2F%2Frhn.redhat.com%2Frhn%2Fsoftware%2Fchannel%2Fdownloads%2FDownload.do%3Fcid=18952

3.3 is RHEL 7.0.
I think there is an image:  RHEL 7 (x86_64) + EUS + RHN Tools + Optional 
(Base 2014-06-24)

> Date: Thu, 13 Nov 2014 08:27:28 -0500
> From: Dmitri Pal <dpal at redhat.com <mailto:dpal at redhat.com>>
> To: freeipa-users at redhat.com <mailto:freeipa-users at redhat.com>
> Subject: Re: [Freeipa-users] Unable to Login until Trust is Repaired
>         (Jonathan)
> Message-ID: <5464B1C0.1070709 at redhat.com 
> <mailto:5464B1C0.1070709 at redhat.com>>
> Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
>
> On 11/13/2014 08:15 AM, Jonathan Bradford wrote:
> > Dmitri:
> > Thanks for the reply.
> > > Do you need to repair the trust for every single user or just once?
> > Yes, I have to repair the trust for every new user added to Active
> > Directory who needs access to an IdM resource. Only once per user 
> though.
> > > What it is your AD domain topology?
> > My AD topology is very simple at the moment because it is a test
> > environment. I currently have one domain controller with a domain of
> > venus.com <http://venus.com/> <http://venus.com 
> <http://venus.com/>>. My IdM topology is very similar--one
> > IdM server with a domain of mercury.com <http://mercury.com/> 
> <http://mercury.com <http://mercury.com/>>.
> > > Are you establishing trust with the primary domain controller?
> > Yes.
> > > What version of IPA and AD are you using?
> > I'm using IPA v 3.0. I'm not sure of the current version of AD, but
> > I'm using it on Windows Server 2008 R2 SP1.
>
> 3.0 is a pretty old version, I mean a lot has changed in trust area
> between 3.0 and 3.3.
> Any chance you can use that?
>
> What distro do you use?
>
>


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141113/23aa228b/attachment.htm>

More information about the Freeipa-users mailing list