Hello,
I try to configure trust between a FreeIPA domain and Active Directory. They
are both in different domains (ipa domain: ipadev.test.local , ad domain:
iam.intern ) and use external DNS. I have configured/verified all
prerequisites, but when I run ipa trust-add command, I get the following error:
ipa: ERROR: AD domain controller complains about communication sequence. It may
mean unsynchronized time on both sides, for example
I have enabled debug for samba but I cannot make much sense from the debug
information in error.log :
s4_tevent: Added timed event "composite_trigger": 0x7f9324240e30
s4_tevent: Ending timer event 0x7f932424ed50 "composite_trigger"
s4_tevent: Running timer event 0x7f9324240e30 "composite_trigger"
s4_tevent: Ending timer event 0x7f9324240e30 "composite_trigger"
s4_tevent: Added timed event "connect_multi_timer": 0x7f9324240cc0
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f9324403310
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f9324403310
s4_tevent: Destroying timer event 0x7f9324240cc0 "connect_multi_timer"
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 300
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 0
SO_SNDBUF = 2626560
SO_RCVBUF = 1061808
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
s4_tevent: Added timed event "tevent_req_timedout": 0x7f932424ed50
s4_tevent: Schedule immediate event "tevent_queue_immediate_trigger":
0x7f9324240cc0
s4_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x7f9324240cc0
s4_tevent: Destroying timer event 0x7f932424ed50 "tevent_req_timedout"
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f932425c370
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f932425c370
s4_tevent: Added timed event "tevent_req_timedout": 0x7f9324016970
Starting GENSEC mechanism spnego
SPNEGO: Could not find a suitable mechtype in NEG_TOKEN_INIT
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f9324403310
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f9324403310
s4_tevent: Destroying timer event 0x7f9324016970 "tevent_req_timedout"
s4_tevent: Destroying timer event 0x7f932401f730
"dcerpc_connect_timeout_handler"
[Tue Mar 09 09:51:12.685725 2021] [wsgi:error] [pid 29053:tid 140270172727040]
[remote 10.30.214.119:36488] ipa: INFO: [jsonserver_session]
cifs/[email protected]: trust_add/1(u'IAM.INTERN',
trust_type=u'ad', realm_admin=u'admin', realm_passwd=u'********',
realm_server=u'10.30.201.46', version=u'2.232'): RemoteRetrieveError
Any idea what should I look into ?
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
