Pieter Baele via FreeIPA-users wrote:
> I've a weird problem with 2 hosts on ipa-client-install registration.
> All my servers are using a 99% alike kickstart profile.
> 8 hosts did their registration almost immediately (after submit of admin)
> But on 2 servers I am stuck with:
> trying to retrieve CA cert via LDAP from ....
> Any idea what the reason could be? I checked: DNS, firewall
> But all verifications and discovery before this step are successful.
> It's only possible I did a ipa-client-uninstall on those hosts before.
> (not 100% sure)
Shouldn't matter unless you are running an ancient version of RHEL 6.x.
I'd start with the 389-ds access log and the KDC log on the IPA master
and see if connections are being made at all, and with what results.
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org