On Tue, Aug 01, 2017 at 11:20:16AM -0000, Igor Sever via FreeIPA-users wrote: > I have the same error. > I established two-way trust with AD which went fine. > Authentication with Kerberos to AD is working. > Since I have one test FreeIPA which is working correctly (relatively) I > compared logs and pinpointed problem to strange LDAP search which is FreeIPA > sending to DC: > (&(sAMAccountName=domain\20admins)(objectClass=group)(sAMAccountName=*)(&(gidNumber=*)(!(gidNumber=0)))) > This LDAP query is of course not working on AD. I don’t know why FreeIPA is > sending this kind of query to AD in this case? > Only difference that I can think of in this case is that I didn’t establish > trust in two steps, but in one step from FreeIPA using command switch > --two-way=true.
Pardon my ignorance, but what part of that query doesn't work? _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org