Hi
I'm currently trying to setup a trust between IPA and Samba AD but I keep running into some issues.
IPA is running on CentOS 7
VERSION: 4.4.0, API_VERSION: 2.213
ipa01.cloud.ymo.lab, Netbios CLOUD, domain cloud.ymo.lab
Samba is running on CentOS7
dc01.win.ymo.lab, Netbios WIN, domain win.ymo.lab
Both are fresh installs. Samba is running Bind DLZ as DNS backend. DNS forwarding is working correctly.
[root@ipa01 ~]# dig +short srv _ldap._tcp.{cloud,win}.ymo.lab
0 100 389 ipa01.cloud.ymo.lab.
0 100 389 dc01.win.ymo.lab.
[root@ipa01 ~]# dig +short {cloud,win}.ymo.lab
10.0.0.195
10.0.0.196
[root@dc01 bin]# dig +short srv _ldap._tcp.{cloud,win}.ymo.lab
0 100 389 ipa01.cloud.ymo.lab.
0 100 389 dc01.win.ymo.lab.
[root@dc01 bin]# dig +short {cloud,win}.ymo.lab
10.0.0.195
10.0.0.196
I'm currently stuck on adding the trust:
[root@ipa01 ~]# ipa trust-add --type=ad win.ymo.lab --admin Administrator --password --two-way=true
Active Directory domain administrator's password:
ipa: ERROR: CIFS server communication error: code "1315", message "WERR_INVALID_ACCOUNT_NAME" (both may be "None")
I've attached the /var/log/httpd/error_log on the IPA side and the output of Samba running with debug level 7.
Does anyone know how I can get past this?
Thanks
Yuri