Rob Crittenden wrote:
Martin Nagy wrote:
with these patches, the user will be able to install DNS additionally,
after ipa-server-install. No --uninstall yet, however. I do have it in
my tree, but it causes a lot of problems. Hopefully, I'll manage to
solve them later. Thanks.


Nack, it isn't working for me:

# ipa-dns-install

The log file for this installation can be found in /var/log/ipaserver-install.log ==============================================================================
This program will setup DNS for the FreeIPA Server.

This includes:
  * Configure DNS (bind)

To accept the default shown in brackets, press the Enter key.

Existing BIND configuration detected, overwrite? [no]: y
Enter IP address for a DNS forwarder (empty to stop):
No DNS forwarders configured
Directory Manager password:

The following operations may take some minutes to complete.
Please wait until the prompt is returned.

Unexpected error - see ipaserver-install.log for details:
{'info': 'Unauthenticated binds are not allowed', 'desc': 'Server is unwilling to perform'}

There is nothing in the install log, 389 access log had:

[21/Jan/2010:16:50:37 -0500] conn=22 fd=70 slot=70 connection from localhost to localhost [21/Jan/2010:16:50:37 -0500] conn=22 op=0 BIND dn="cn=Directory Manager" method=128 version=3 [21/Jan/2010:16:50:37 -0500] conn=22 op=0 RESULT err=53 tag=97 nentries=0 etime=0
[21/Jan/2010:16:50:37 -0500] conn=22 op=1 UNBIND
[21/Jan/2010:16:50:37 -0500] conn=22 op=1 fd=70 closed - U1

It also throws an exception if you press ^C at the prompts.


I had a discussion with Martin in irc about this. The patch actually does work it just doesn't handle the case where you don't get a DM password. I'm still nacking this particular patch due to this but the first two patches are fine, so ack for those and I'm pushing them to master.


Freeipa-devel mailing list

Reply via email to