On 12/18/2012 03:30 PM, Sumit Bose wrote:
On Tue, Dec 18, 2012 at 03:16:47PM -0500, John Dennis wrote:
On 12/18/2012 01:26 PM, Andre Rodrigues wrote:
Hi all,
I'm testing AD trust following this how to:
http://www.freeipa.org/page/IPAv3_testing_AD_trust
but when I set "ipa dnszone-add" I get this:
[root@m ~] ipa dnszone-add <AD.DOMAIN> --name-server=<AD.NAME
<http://AD.NAME>> --admin-email=<MY.EMAIL> --force --forwarder=<AD.IP>
–forward-policy=only
ipa: ERROR: unable to parse cookie header
'ipa_session=f963e8e4006fdcd79e1a2a5a989b4d01; Domain=<IPA.DOMAIN>;
Path=/ipa; Expires=Thu, 18 Dec 2012 13:54:33 GMT; Secure; HttpOnly':
unable to parse expires datetime 'Thu, 18 Dec 2012 13:54:33'
This is an error message from something I wrote. I can't explain why
it can't parse the expires cookie attribute because using the value
cited in the error message it parses just fine. The only thing I can
think of is that the time module was not imported in cookie.py, but
in my copy of the file it is imported.
However one thing I did immediately notice, the cookie has
Domain=<IPA.DOMAIN>, that's not valid, it's supposed to be a FQDN.
What is the value of xmlrpc_uri in your /etc/ipa/default.conf?
and when I set "ipa trust-add" I get the following error:
[root@m ~] ipa trust-add --type=ad <AD.DOMAIN> --admin Adminstrator
--password
Active directory domain administrator's password:
ipa: ERROR: unable to parse cookie header
'ipa_session=7d6aeb2c92ff3197a9d3c04421f6ba15; Domain=<IPA.DOMAIN>;
Path=/ipa; Expires=Tue, 18 Dec 2012 18:32:05 GMT; Secure; HttpOnly':
unable to parse expires datetime 'Tue, 18 Dec 2012 18:32:05'
Sorry, someone else will have to help you with the below:
I guess this error message is just triggered by the cookie error.
In theory no, the inability to process a cookie should do nothing other
than log the fact, everything else should proceed as normal (without
cookies you just get slower performance, but it should continue to work).
However, the values in the cookie show something is very wrong with the
configuration.
Please provide the contents of /etc/ipa/default.conf.
Do you have a .ipa/default.conf file set? If so that overrides the
values in /etc/ipa/default.conf. If you have that as well please provide
that as well.
Adding verbose debugging information will help. Add the -d option to the
ipa command to turn on debug level information and capture the output.
Those messages will help us diagnose the problem.
bye,
Sumit
ipa: ERROR: Cannot perform join operation without Samba 4 support installed.
Make sure you have installed
server-trust-ad sub-package of IPA
but I have the server-trust-ad installed:--
--
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
