freeipa

Clone
Source Code
GIT

#5183 ipa trust-add failed CIFS server configuration does not allow access to \\pipe\lsarpc
Closed: Fixed None Opened 8 years ago by mkosek.

Closed: Fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1249455

Description of problem:

I'm seeing failures on ipa trust-add.

ipa: ERROR: CIFS server configuration does not allow access to \\pipe\lsarpc


Version-Release number of selected component (if applicable):
ipa-server-4.2.0-3.el7.x86_64
samba-4.2.3-4.el7.x86_64


How reproducible:
always (at least in test

Steps to Reproduce:
1.  Setup IPA server
2.  Configure DNS resolution between IPA and AD server.  For test purposes,
this means setup forwarders on IPA to AD and on AD to IPA.
3.  ipa-adtrust-install
4.  ipa trust-add

Actual results:

Fails with error above.

Expected results:

Adds trust

Additional info:

http error:

[Sun Aug 02 18:41:23.236780 2015] [:error] [pid 27312] ipa: INFO:
[jsonserver_kerb] admin@SPOORE1.TEST: trust_add(u'adtest.qe', trust_type=u'ad',
realm_admin=u'Administrator', realm_passwd=u'********', all=False, raw=False,
version=u'2.147'): RemoteRetrieveError

Alexander already sent patch to freeipa-devel - see 0194.

master:

  • ee377a2 Fix selector of protocol for LSA RPC binding string
  • c906784 dcerpc: Simplify generation of LSA-RPC binding strings

ipa-4-2:

  • ef781dd Fix selector of protocol for LSA RPC binding strings
  • 04bf609 dcerpc: Simplify generation of LSA-RPC binding strings

Metadata Update from @mkosek:
- Issue assigned to abbra
- Issue set to the milestone: FreeIPA 4.2.1
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
important
None
None
None
None
defect
None
None
Trusts
None
1
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1249455
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.