Johnnie W Adams via FreeIPA-users wrote:
Hi, folks,
Everywhere I check, I see this error associated with firewall issues. To get around that, I put my box on the same network segment as the ad boxes. No firewall between them. But I am still getting this message when I try to create a trust: ipa: ERROR: Cannot find specified domain or server name
The error in /var/log/httpd is:
[wsgi:error] [pid 506950:tid 507279] [remote <ip address>:53320] ipa: INFO: [jsonserver_session] admin@NET.EXAMPLE.COM mailto:admin@NET.EXAMPLE.COM: trust_add/1('adtest1.ad.test.example.com http://adtest1.ad.test.example.com', trust_type='ad', realm_admin='me', realm_passwd='********', range_type='ipa-ad-trust', version='2.253'): NotFound
Any thoughts? What exactly is being not found?
You need to enable debugging and re-run 'ipa trust-add':
- set 'log level = 50' in /usr/share/ipa/smb.conf.empty - Add [global] debug = True in /etc/ipa/server.conf (create file if missing) - restart httpd (systemctl restart httpd) - re-try 'ipa trust-add'
Then look into what was logged in /var/log/httpd/error_log.
Also look on the AD side to see if the trust was created.
rob