Hi,
I'm running OmniOS v11 r151028v and I'm trying to do a domain join to FreeIPA. I tried to set it up with the manuals/hints from asenjo.nl, freeipa.org and docs.oracle.com. The ldapclient itself is working and I can get information from the ipa-server, like "id username". Ntpdate to this ipa-server is also running. But the join to the domain always fails with "(DOMAIN_CONTROLLER_NOT_FOUND)". I have no idea what the problem is anymore and hope that one of you can help me.
I also tried without the ldap option in nsswitch.conf. That didn't work either. Does anyone have an idea what I'm doing wrong or what I should try?
My files look like this:
/var/ldap/ldap_client_file
Code:
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_SERVERS= ipa.dom
NS_LDAP_SEARCH_BASEDN= dc=dom
NS_LDAP_AUTH= sasl/GSSAPI
NS_LDAP_CACHETTL= 0
NS_LDAP_CREDENTIAL_LEVEL= self
NS_LDAP_SERVICE_SEARCH_DESC= passwd:cn=users,cn=accounts,dc=dom
NS_LDAP_SERVICE_SEARCH_DESC= group:cn=groups,cn=compat,dc=dom
NS_LDAP_OBJECTCLASSMAP= shadow:shadowAccount=posixAccount
/etc/krb5/krb5.conf
Code:
[libdefaults]
    default_realm = DOM
[realms]
    DOM = {
        kdc = ipa.dom
        admin_server = ipa.dom
        kpasswd_server = ipa.dom
        kpasswd_protocol = SET_CHANGE
    }
[domain_realm]
    dom = DOM
    .dom = DOM
[logging]
    ....
[appdefaults]
    kinit = {
        renewable = true
        forwardable = true
    }
/etc/nsswitch.conf
Code:
passwd: files ldap
group: files ldap
hosts: files dns ldap
ipnodes: files dns ldap
networks: files ldap
protocols: files ldap
rpc: files ldap
ethers: files ldap
netmasks: files ldap
bootparams: files ldap
publickey: files ldap
netgroup: ldap
automount: files ldap
aliases: files ldap
services: files ldap
printers: user files ldap
auth_attr: files ldap
prof_attr: files ldap
project: files ldap
tnrhtp: files ldap
tnrhdb: files ldap