[Freeipa-users] resolving subdomain AD in a trust relationship
Nicolas Zin
nicolas.zin at savoirfairelinux.com
Mon Feb 16 09:42:08 UTC 2015
Hi,
we created a trust relationship with an AD, and we get this result:
# ipa trust-domainfind "company.com"
Domain name: corp.company.com
Domain NetBIOS name: COMPANY
Domain Security Identifier: S-1-5-21-blabla-blabla-blabla
Domain enabled: True
Domain name: company.com
Domain NetBIOS name: ROOT
Domain Security Identifier: S-1-5-21-blabla2-blabla2-blabla2
Domain enabled: True
We manage to see the user from the root domain:
id auser at company.com
But cannot see a user from the child:
id anotheruser at corp.company.com
In the logs we see:
Could not convert objectSID S-1-5-21-blabla-blabla-blabla-496378] to a UNIX ID
I have to add:
- it is on a Windows 2008R2
- it is a functional Windows 2003 level AD
Any idea?
Nicolas Zin
nicolas.zin at savoirfairelinux.com
Ligne directe: 514-276-5468 poste 135
Fax : 514-276-5465
7275 Saint Urbain
Bureau 200
Montréal, QC, H2R 2Y5
More information about the Freeipa-users
mailing list