Johnnie W Adams wrote:
> So I adjusted my command line to point at the entire forest and not a
> single domain controller, and got both a trust and a much more
> interesting error:
>
> ipa: INFO: Response: {
>     "error": {
>         "code": 906,
>         "data": {
>             "error": "Fetching domains from trusted forest failed. See details in the error_log",
>             "server": "rhidm1.net.example.com"
>         },
>         "message": "error on server 'rhidm1.net.example.com': Fetching domains from trusted forest failed. See details in the error_log",
>         "name": "ServerCommandError"
>     },
>     "id": 0,
>     "principal": "[email protected]",
>     "result": null,
>     "version": "4.11.0"
> }
>
> ipa: ERROR: error on server 'rhidm1.net.example.com': Fetching domains from trusted forest failed. See details in the error_log
>
>
> From the error_log:
>
>
> [Fri Jul 19 12:31:51.363222 2024] [wsgi:error] [pid 522388:tid 522652]
> [remote <ip address>:39124] ipa: ERROR: Helper fetch_domains was called
> for forest ad.test.example.com, return code is 1
>
> [Fri Jul 19 12:31:51.363750 2024] [wsgi:error] [pid 522388:tid 522652]
> [remote <ip address>:39124] ipa: ERROR: Standard output from the helper:
>
>
> <snip>
>
>
> [Fri Jul 19 12:31:51.364596 2024] [wsgi:error] [pid 522388:tid 522652]
> [remote <ip address>:39124] ipa: ERROR: environment: environ({'LANG':
> 'en_US.UTF-8', 'PATH':
> '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin', 'PIDFILE':
> '/run/oddjobd.pid', 'INVOCATION_ID': '002ac795667b4ab983ffa100b2f47dd8',
> 'JOURNAL_STREAM': '8:36642766', 'SYSTEMD_EXEC_PID': '487987', 'LC_ALL':
> 'C.UTF-8', 'ODDJOB_SERVICE_NAME': 'com.redhat.idm.trust',
> 'ODDJOB_OBJECT_PATH': '/', 'ODDJOB_INTERFACE_NAME':
> 'com.redhat.idm.trust', 'ODDJOB_METHOD_NAME': 'fetch_domains',
> 'ODDJOB_CALLING_USER': 'ipaapi', 'KRB5_CONFIG': '/etc/krb5.conf',
> 'KRB5CCNAME': '/run/ipa/krb5cc_oddjob_trusts_fetch'})
>
>
> What am I looking at? What am I missing?
>
Is DNSSEC enabled? See https://access.redhat.com/solutions/2263991
rob