Hi, I have successfully established a trust in my lab environment running IPA 4.1 (RHEL7.1) and a Windows 2008 R2 domain with Windows 2003 domain/forest functional levels. I'm now trying to establish a trust with my production AD domain (same functional level). The only difference is that my production domain (ad.domain.lan) is a child-domain of a forest named domain.lan. There is no forest in my lab envrionment. I'm getting the following error when running 'ipa trust-add':
# ipa trust-add --type ad ad.domain.lan --range-type=ipa-ad-trust --admin jbadmin --password Active Directory domain administrator's password: ipa: ERROR: Domain 'ad.domain.lan' is not a root domain for forest 'domain.lan' Any ideas? Thanks, Josh
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
