[Freeipa-users] IPA ERROR: non-public: TypeError -- ipa trust-add internal server error

Alexander Bokovoy abokovoy at redhat.com
Wed Jul 1 18:34:48 UTC 2015 

On Wed, 01 Jul 2015, David Fox wrote:
>I am encountering issues trying to integrate FreeIPA with AD, on *nix 
>promp I get "internal server rror" and within I receive the following 
>message in httpd_errorlog.
>[0070] 00 00 00 00 0D 00 00 00   69 00 70 00 61 00 2E 00   ........ 
>i.p.a...
>[0080] 68 00 73 00 61 00 2E 00   63 00 6F 00 2E 00 75 00   ... c.o...u.
>[0090] 6B 00 00 00 00 00 00 00                            k.......
>[Tue Jun 30 13:17:01.369249 2015] [:error] [pid 1063] ipa: ERROR: 
>non-public: TypeError: default/librpc/gen_ndr/py_lsa.c:9436: Expected 
>type 'security.dom_sid' for 'py_dom_sid' of type 'NoneType'
>[Tue Jun 30 13:17:01.369285 2015] [:error] [pid 1063] Traceback (most 
>recent call last):
>[Tue Jun 30 13:17:01.369289 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 348, 
>in wsgi_execute
>[Tue Jun 30 13:17:01.369292 2015] [:error] [pid 1063]     result = 
>self.Command[name](*args, **options)
>[Tue Jun 30 13:17:01.369294 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 439, in 
>__call__
>[Tue Jun 30 13:17:01.369303 2015] [:error] [pid 1063]     ret = 
>self.run(*args, **options)
>[Tue Jun 30 13:17:01.369306 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 754, in 
>run
>[Tue Jun 30 13:17:01.369308 2015] [:error] [pid 1063]     return 
>self.execute(*args, **options)
>[Tue Jun 30 13:17:01.369310 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py", line 474, 
>in execute
>[Tue Jun 30 13:17:01.369313 2015] [:error] [pid 1063]     result = 
>self.execute_ad(full_join, *keys, **options)
>[Tue Jun 30 13:17:01.369315 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py", line 709, 
>in execute_ad
>[Tue Jun 30 13:17:01.369318 2015] [:error] [pid 1063]     
>self.realm_passwd
>[Tue Jun 30 13:17:01.369320 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipaserver/dcerpc.py", line 1222, in 
>join_ad_full_credentials
>[Tue Jun 30 13:17:01.369323 2015] [:error] [pid 1063]     
>self.remote_domain.establish_trust(self.local_domain, trustdom_pass)
>[Tue Jun 30 13:17:01.369325 2015] [:error] [pid 1063]   File 
>"/usr/lib/python2.7/site-packages/ipaserver/dcerpc.py", line 963, in 
>establish_trust
>[Tue Jun 30 13:17:01.369327 2015] [:error] [pid 1063]     
>self._pipe.DeleteTrustedDomain(self._policy_handle, res.info_ex.sid)
>[Tue Jun 30 13:17:01.369330 2015] [:error] [pid 1063] TypeError: 
>default/librpc/gen_ndr/py_lsa.c:9436: Expected type 'security.dom_sid' 
>for 'py_dom_sid' of type 'NoneType'
>[Tue Jun 30 13:17:01.369648 2015] [:error] [pid 1063] ipa: INFO: 
>[jsonserver_session] admin at IPA.*redacted*: trust_add(u'*redacted*', 
>trust_type=u'ad', realm_admin=u'*redacted*', realm_passwd=u'********', 
>all=False, raw=False, version=u'2.112'): TypeError
>
>
>These are whole logs with "log level = 100" set in smb.conf.empty. Log 
>files were emptied before the above command was ran. If there is any 
>other information required please let me know.
>
>Software versions:
>Fedora 22: 4.1.4
>Fedora 22: 4.2 Alpha 1
>
>Oracle Linux 7.1 64bit: without DNS
>ipa-server.x86_64 - 4.1.0-18.0.1-el17_1.3
>ipa-server-trust-ad.x86_64 - 4.1.0-18.0.1-el17_1.3
>
>CentOS 7.1 64bit: With DNS
>ipa-server.x86_64 - 4.1.0-18-el7.centos.3
>ipa-server-trust-ad.x86_64 - 4.1.0-18-el7.centos.3
It is unclear from your report what exact distro causing this issue for
you. Is this with Fedora 22 (e.g. Samba 4.2)?
-- 
/ Alexander Bokovoy

More information about the Freeipa-users mailing list