[Freeipa-users] Freeipa 4 and AD
Alexander Bokovoy
abokovoy at redhat.com
Wed Apr 8 17:59:55 UTC 2015
On Wed, 08 Apr 2015, Aric Wilisch wrote:
>I’m having issues with getting my RHEL 7 server running Freeipa 4 to
>join my Windows 2012R2 domain.
>
>DNS checks out fine. When I try to establish the join I get the below
>listed errors popping up. I’ve tried both creating the trust from
>Freeipa and just this morning I setup the trust on the AD side and
>tried to use the —trust-secret option. There are no firewalls between
>them, but they are on different subnets.
>
>Any help would be great. This is holding up a project and I’m not able
>to figure out what’s going on.
>
>Thanks in advance.
>
>finddcs: Skipping DC 10.32.145.134 with server_type=0x0000f17c - required 0x00000119
You need to establish trust using a PDC of the forest root domain.
Your DC is not a PDC (lacks bit 1 in the server type), thus it is not
possible to establish cross-forest trust. This is Active Directory
requirement.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list