[Freeipa-users] ipa group-add-member failed
Alexander Bokovoy
abokovoy at redhat.com
Mon Mar 2 20:11:12 UTC 2015
On Mon, 02 Mar 2015, Ben .T.George wrote:
>HI
>
>trust was successful
>
>ipa trust-add --type=ad *ad_domain* --admin Administrator --password
>
>and i got output like below
>
>Active directory domain administrator's password:
>------------------------------------------------------
>Added Active Directory trust for realm "KWTTESTDC.COM"
>------------------------------------------------------
> Realm name: KWTTESTDC.COM
> Domain NetBIOS name: KWTTESTDC
> Domain Security Identifier: S-1-5-21-3779563847-208264455-1888173826
> SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2,
>S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10,
>S-1-5-11,
> S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16,
>S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20
> SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2,
>S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10,
>S-1-5-11,
> S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16,
>S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20
> Trust direction: Two-way trust
> Trust type: Active Directory domain
> Trust status: Established and verified
>
>this is what it should give noe?
>
>How can i check the trust is correct or not.?
Try:
$ kinit admin
$ KRB5_TRACE=/dev/stderr kvno -S cifs ad.domain.controller.fqdn
and show the output.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list