[Freeipa-users] Error: invalid 'AD domain controller' when establishing trust
Genadi Postrilko
genadipost at gmail.com
Wed Oct 8 16:58:55 UTC 2014
2014-10-08 17:48 GMT+02:00 Alexander Bokovoy <abokovoy at redhat.com>:
> On Wed, 08 Oct 2014, Genadi Postrilko wrote:
>
>> The forest root domain in my case is RED.COM.
>>
> You need to establish trust to red.com then. Any domain which is member
> of the forest red.com will be visible through trust.
>
> Forest trust can only be established between forest root domains, that's
> how it is designed by Microsoft.
>
>
It doesn't matter how complex the forest is? Even if the forest contains
number of domain trees, the trust has to be
established with the forest root domain?
>> I have attached the log files.
>>
> These logs show you are attempting to establish trust to blue.com which
> is not a forest root domain, thus nothing works.
>
I assumed that DNS forwarding has to be created between IPA (linux.blue.com)
and the AD (blue.com).
Should any DNS configuration change?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141008/0990c52b/attachment.htm>
More information about the Freeipa-users
mailing list