[Freeipa-users] Can't establish trust with 2008 AD

pgb205 pgb205 at yahoo.com
Thu Jun 9 20:22:49 UTC 2016


The setup is:
AD 2008 domain,
Latest version of FreeIpa with integrated DNS,
As the AD domain is not known to any DNS servers on the network I have created a stub zone in Freeipa integrated dns server addomain.com,
and created A-record for DC.addomain.com
as well as _ldap.tcp.addomain.com and _kerberos.udp.addomain.com
and checked with dig that they resolve correctly,
138/139/145/389 are opened between the servers on both tcp and udp ports
ipv6 enabled on the FreeIpa server.
I am using pre-shared secret to establish the trust
Run:
ipa trust-add --type=ad addomain.com --trust-secret <pre-shared key>
and receive:
ipa: ERROR: CIFS server communication error: code "None", message "NT_STATUS_IO_TIMEOUT" (both may be "None")

I've enabled the logs as described in the debugging section (I would be glad to forward the whole thing if needed).
However, the relevant error that I see is:

finddcs: DNS SRV response 0 at '<ipaddr>'
finddcs: performing CLDAP query on <ipaddr>
s4_tevent: Added timed event "tevent_req_timedout": 0x7f21302a8b10
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f2130025090
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f2130025090
s4_tevent: Added timed event "tevent_req_timedout": 0x7f213025cb90
s4_tevent: Running timer event 0x7f213025cb90 "tevent_req_timedout"
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f2130045b50
s4_tevent: Ending timer event 0x7f213025cb90 "tevent_req_timedout"
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f2130045b50
s4_tevent: Added timed event "tevent_req_timedout": 0x7f213025cb90
s4_tevent: Running timer event 0x7f213025cb90 "tevent_req_timedout"
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f213001d230
s4_tevent: Ending timer event 0x7f213025cb90 "tevent_req_timedout"
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f213001d230
s4_tevent: Added timed event "tevent_req_timedout": 0x7f213025cb90
s4_tevent: Running timer event 0x7f21302a8b10 "tevent_req_timedout"
s4_tevent: Destroying timer event 0x7f213025cb90 "tevent_req_timedout"
finddcs: No matching CLDAP server found
s4_tevent: Ending timer event 0x7f21302a8b10 "tevent_req_timedout"
[Thu Jun 09 20:39:38.703506 2016] [:error] [pid 2503] ipa: INFO: [jsonserver_session] admin@<ipadomain.com>: trust_add(u'addomain.com', trust_type=u'ad', trust_secret=u'********', all=False, raw=False, version=u'2.156'): RemoteRetrieveError

Once again I would be glad to provide entire logs if needed. But would be grateful for suggestions on how to resolve the above error.