Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1924707
Description of problem: When trying to establish trust with AD domain with IPA in FIPS mode creation of Windows side of trust fails with "Access denied" Version-Release number of selected component (if applicable): ipa-server-4.9.1-1.module+el8.4.0+9665+c9815399.x86_64 How reproducible: Always Steps to Reproduce: 1. Execute test suite: freeipa/ipatests/test_integration/test_trust.py 2. Look at results of test case "test_establish_forest_trust_with_shared_secret" Actual results: transport.py 513 DEBUG RUN ['powershell', '-c', '[System.Direc toryServices.ActiveDirectory.Forest]::getCurrentForest().CreateLocalSideOfTrust Relationship("testrelm.test", 1, "qwertyuiopQq!1")'] transport.py 558 DEBUG bash: line 2: /home/Administrator/env.sh: No such file or directory transport.py 558 DEBUG Exception calling "CreateLocalSideOfTrustRelationship" with "3" argument(s): "Access is denied. transport.py 558 DEBUG " transport.py 558 DEBUG At line:1 char:1 transport.py 558 DEBUG + [System.DirectoryServices.ActiveDirectory.Forest]::getCurrentForest() ... transport.py 558 DEBUG + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ transport.py 558 DEBUG + CategoryInfo : NotSpecified: (:) [], MethodInvocationException transport.py 558 DEBUG + FullyQualifiedErrorId : UnauthorizedAccessException transport.py 558 DEBUG transport.py 214 ERROR Exit code: 1 Additional info: The test succeeds in non-FIPS mode in otherwise equivalent environment.
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1924707
master:
ipa-4-9:
Metadata Update from @pcech: - Issue set to the milestone: FreeIPA 4.9
Login to comment on this ticket.