Derek Moore wrote:
Setting /etc/hostname manually and several restarts and reboots later, I
finally got the install to work (mostly) properly again last night.

But I still cannot get the XML-RPC server to function properly, the end
of the install script fails on /usr/sbin/ipa-client-install:

   ipalib.errors.NetworkError: cannot connect to
'': Internal Server Error

I can't get passed the "No credentials cache found" error in Apache. The
credentials cache it's looking for is httpd's keytab?

We're fighting some issues with changes in support libraries.

If you have openldap-2.4.35-3, the default value of SASL_NOCANON changed to on (at our request ironically) which breaks ldapi requests, which we also use. For 3.1.x and 3.2pre1 or beta1 I believe the only solution is to downgrade openldap. We are working with upstream and have provided a patch to the Fedora maintainer to mitigate this but it is yet unresolved.

If you have krb5 1.11.2-4 then you need to add KRB5CCNAME=/tmp/krb5cc_48 to the end of /etc/sysconfig/httpd. The ccache format was changed to DIR and mod_auth_kerb doesn't support this yet. This fix should work with any version of IPA.


Freeipa-devel mailing list

Reply via email to