[Freeipa-users] AD Trust failed with 'CIFS server configurationdoes not allow access to \\pipe\lsarpc'

Alexander Bokovoy abokovoy at redhat.com
Sun May 1 14:27:50 UTC 2016 

On Sun, 01 May 2016, Matrix wrote:
>Hi, Alexander
>
>log from /var/log/httpd/error_log
>
>lpcfg_load: refreshing parameters from /usr/share/ipa/smb.conf.empty
>Processing section "[global]"
>INFO: Current debug levels:
>  all: 100
>  tdb: 100
>  printdrivers: 100
>  lanman: 100
>  smb: 100
>  rpc_parse: 100
>  rpc_srv: 100
>  rpc_cli: 100
>  passdb: 100
>  sam: 100
>  auth: 100
>  winbind: 100
>  vfs: 100
>  idmap: 100
>  quota: 100
>  acls: 100
>  locking: 100
>  msdfs: 100
>  dmapi: 100
>  registry: 100
>  scavenger: 100
>  dns: 100
>  ldb: 100
>pm_process() returned Yes
>Using binding ncacn_np:ipaserver.dev.example.net[,print,smb2]
>s4_tevent: Added timed event "dcerpc_connect_timeout_handler": 0x7f1c1c0ff6b0
>s4_tevent: Added timed event "composite_trigger": 0x7f1c1c458350
>s4_tevent: Added timed event "composite_trigger": 0x7f1c1c45ba70
>s4_tevent: Running timer event 0x7f1c1c458350 "composite_trigger"
>s4_tevent: Destroying timer event 0x7f1c1c45ba70 "composite_trigger"
>Mapped to DCERPC endpoint \pipe\lsarpc
>added interface eth0 ip=192.168.10.241 bcast=192.168.11.255 netmask=255.255.254.0
>added interface eth0 ip=192.168.10.241 bcast=192.168.11.255 netmask=255.255.254.0
>resolve_lmhosts: Attempting lmhosts lookup for name ipaserver.dev.example.net<0x20>
>getlmhostsent: lmhost entry: 127.0.0.1 localhost
>s4_tevent: Added timed event "composite_trigger": 0x7f1c1c46d740
>s4_tevent: Ending timer event 0x7f1c1c458350 "composite_trigger"
>s4_tevent: Running timer event 0x7f1c1c46d740 "composite_trigger"
>s4_tevent: Ending timer event 0x7f1c1c46d740 "composite_trigger"
>s4_tevent: Added timed event "connect_multi_timer": 0x7f1c1c242c70
>s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1c04d750
>s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1c04d750
>s4_tevent: Destroying timer event 0x7f1c1c242c70 "connect_multi_timer"
>Socket options:
>        SO_KEEPALIVE = 0
>        SO_REUSEADDR = 0
>        SO_BROADCAST = 0
>        TCP_NODELAY = 1
>        TCP_KEEPCNT = 9
>        TCP_KEEPIDLE = 7200
>        TCP_KEEPINTVL = 75
>        IPTOS_LOWDELAY = 0
>        IPTOS_THROUGHPUT = 0
>        SO_REUSEPORT = 0
>        SO_SNDBUF = 2626560
>        SO_RCVBUF = 1061296
>        SO_SNDLOWAT = 1
>        SO_RCVLOWAT = 1
>        SO_SNDTIMEO = 0
>        SO_RCVTIMEO = 0
>        TCP_QUICKACK = 1
>        TCP_DEFER_ACCEPT = 0
>s4_tevent: Added timed event "tevent_req_timedout": 0x7f1c1c2e3430
>s4_tevent: Schedule immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Destroying timer event 0x7f1c1c2e3430 "tevent_req_timedout"
>s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1c04d600
>s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1c04d600
>Starting GENSEC mechanism spnego
>Starting GENSEC submechanism gssapi_krb5
>Ticket in credentials cache for admin at DEV.EXAMPLE.NET will expire in 84175 secs
>s4_tevent: Added timed event "tevent_req_timedout": 0x7f1c1c42a450
>s4_tevent: Schedule immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Destroying timer event 0x7f1c1c42a450 "tevent_req_timedout"
>s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1c2ad220
>s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1c2ad220
>gensec_gssapi: NO credentials were delegated
>GSSAPI Connection will be cryptographically sealed
>s4_tevent: Added timed event "tevent_req_timedout": 0x7f1c1c3e7650
>signed SMB2 message
>s4_tevent: Schedule immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Destroying timer event 0x7f1c1c3e7650 "tevent_req_timedout"
>s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1c2ad220
>s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1c2ad220
>s4_tevent: Added timed event "tevent_req_timedout": 0x7f1c1c4441c0
>signed SMB2 message
>s4_tevent: Schedule immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Destroying timer event 0x7f1c1c4441c0 "tevent_req_timedout"
>s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1c05db70
>s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1c05db70
>s4_tevent: Added timed event "tevent_req_timedout": 0x7f1c1c47fd40
>signed SMB2 message
>s4_tevent: Schedule immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x7f1c1c2dd3d0
>s4_tevent: Destroying timer event 0x7f1c1c47fd40 "tevent_req_timedout"
>s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1cb553c0
>s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1cb553c0
>s4_tevent: Destroying timer event 0x7f1c1c0ff6b0 "dcerpc_connect_timeout_handler"
Ok, so it is local smbd not answering well. This warrants going with the
full logs procedure as described in
http://www.freeipa.org/page/Active_Directory_trust_setup#Debugging_trust


-- 
/ Alexander Bokovoy

More information about the Freeipa-users mailing list