[Freeipa-users] AD Trust Issues
Martin Kosek
mkosek at redhat.com
Tue Sep 15 06:38:54 UTC 2015
Rough FreeIPA 4.2.1 equivalent should be in RHEL-7.2 - Beta is already out:
https://www.redhat.com/en/about/blog/red-hat-enterprise-linux-72-beta-now-available
On 09/14/2015 04:13 PM, Matt Wells wrote:
> Is the fix in CentOS or RHEL yet?
>
> On Fri, Sep 11, 2015 at 1:34 PM, Alexander Bokovoy <abokovoy at redhat.com>
> wrote:
>
>> On Fri, 11 Sep 2015, Matt Wells wrote:
>>
>>> I've been working on an AD trust with our freeipa servers but have run
>>> into
>>> some of the same issues others have had.
>>> It's well documented here however I feel I've mitigated these -
>>> https://bugzilla.redhat.com/show_bug.cgi?id=1219832
>>>
>>> Freeipa Servers are Fedora 22 / freeipa-server-4.2.0
>>> The Samba version i'm on is well past the patched version. It seems the
>>> patch is in samba-4.2.1-7.fc22 and I'm on samba-4.2.3-0 (assuming the
>>> patch
>>> is in this version).
>>>
>>> I run
>>> # echo Password123 | ipa trust-add --type=ad ad.example.com
>>> --trust-secret
>>> ipa: ERROR: CIFS server configuration does not allow access to
>>> \\pipe\lsarpc
>>>
>> This was looking like a partial fix. The full fix is in Fedora 23 with
>> FreeIPA 4.2.1 release (we didn't yet officially announced it).
>>
>> We were all busy at FreeIPA/SSSD gathering in Brno this week so there
>> wasn't really time to do Fedora 22 backport of the fixes yet.
>>
>> --
>> / Alexander Bokovoy
>>
>
>
>
>
>
More information about the Freeipa-users
mailing list