I modified /etc/sysconfig/network
HOSTNAME=kdc.ipa.asenjo.nx
rebooted the host. Re-ran
# smbclient -L kdc.ipa.asenjo.nx -klp_load_ex: changing to config backend
registry
Domain=[IPA] OS=[Unix] Server=[Samba 4.0.0rc4]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba 4.0.0rc4)
Domain=[IPA] OS=[Unix] Server=[Samba 4.0.0rc4]
Tha was ok.
re-ran:
# ipa trust-add --type=ad ad.asenjo.nx --admin Administrator --password
Active directory domain administrator's password:
-----------------------------------------------------
Added Active Directory trust for realm "ad.asenjo.nx"
-----------------------------------------------------
Realm name: ad.asenjo.nx
Domain NetBIOS name: AD
Domain Security Identifier: S-1-5-21-2508008360-1834726910-79835928
Trust direction: Two-way trust
Trust type: Active Directory domain
Trust status: Established and verified
And it is working :-)
Awesome.
Thanks!
--
groet,
natxo
--
Groeten,
natxo
On Fri, Apr 19, 2013 at 12:11 PM, Sumit Bose <[email protected]> wrote:
> On Fri, Apr 19, 2013 at 11:45:47AM +0200, Natxo Asenjo wrote:
> > I saw there is a log in /var/log/samba/log.wb-IPA
> >
> > The log complains about missing keys for the spn for the hostname (not
> the
> > fqdn, just the hostname):
> >
> > Connection to LDAP server failed for the 15 try!
> > [2013/04/19 11:39:22.352522, 0] ipa_sam.c:3689(bind_callback_cleanup)
> > kerberos error: code=-1765328203, message=Keytab contains no suitable
> > keys for cifs/[email protected]
>
> Can you check if
>
> $ hostname
>
> returns the fully qualified hostname, if not, please fix this, call
> ipactl stop and ipactl start and try again.
>
> bye,
> Sumit
>
> >
> >
> > --
> > Groeten,
> > natxo
>
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
