No, only "fresh" and updated RHEL 7.3 hosts.
Connections are being made, but still ipa-client install.
Can't wait forever on a solution of RH Support, they have/had no clue at
all, so I'll reinstall - yet the issue intrigues me a bit.
On Mon, Jul 3, 2017 at 4:53 PM Rob Crittenden <rcrit...@redhat.com> wrote:
> Pieter Baele via FreeIPA-users wrote:
> > Hi,
> > I've a weird problem with 2 hosts on ipa-client-install registration.
> > All my servers are using a 99% alike kickstart profile.
> > 8 hosts did their registration almost immediately (after submit of admin)
> > But on 2 servers I am stuck with:
> > stderr=
> > trying to retrieve CA cert via LDAP from ....
> > Any idea what the reason could be? I checked: DNS, firewall
> > But all verifications and discovery before this step are successful.
> > It's only possible I did a ipa-client-uninstall on those hosts before.
> > (not 100% sure)
> Shouldn't matter unless you are running an ancient version of RHEL 6.x.
> I'd start with the 389-ds access log and the KDC log on the IPA master
> and see if connections are being made at all, and with what results.
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org