[Freeipa-users] AD Trust Issues

Mon Sep 14 14:13:33 UTC 2015

Is the fix in CentOS or RHEL yet?

On Fri, Sep 11, 2015 at 1:34 PM, Alexander Bokovoy <abokovoy at redhat.com>
wrote:

> On Fri, 11 Sep 2015, Matt Wells wrote:
>
>> I've been working on an AD trust with our freeipa servers but have run
>> into
>> some of the same issues others have had.
>> It's well documented here however I feel I've mitigated these -
>> https://bugzilla.redhat.com/show_bug.cgi?id=1219832
>>
>> Freeipa Servers are Fedora 22 / freeipa-server-4.2.0
>> The Samba version i'm on is well past the patched version.  It seems the
>> patch is in samba-4.2.1-7.fc22 and I'm on samba-4.2.3-0 (assuming the
>> patch
>> is in this version).
>>
>> I run
>> # echo Password123 | ipa trust-add --type=ad ad.example.com
>> --trust-secret
>> ipa: ERROR: CIFS server configuration does not allow access to
>> \\pipe\lsarpc
>>
> This was looking like a partial fix. The full fix is in Fedora 23 with
> FreeIPA 4.2.1 release (we didn't yet officially announced it).
>
> We were all busy at FreeIPA/SSSD gathering in Brno this week so there
> wasn't really time to do Fedora 22 backport of the fixes yet.
>
> --
> / Alexander Bokovoy
>

-- 
Matt Wells
Chief Systems Architect
RHCA, RHCVA - #110-000-353
(702) 808-0424
matt.wells at mosaic451.com
 Las Vegas | Phoenix | Portland Mosaic451.com
CONFIDENTIALITY NOTICE: This transmittal is a confidential communication or
may otherwise be privileged. If you are not intended recipient, you are
hereby notified that you have received this transmittal in error and that
any review, dissemination, distribution or copying of this transmittal is
strictly prohibited. If you have received this communication in error,
please notify this office, and immediately delete this message and all its
attachments, if any.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150914/d96c0b49/attachment.htm>