Hi all!
I'm working on updating my freeipa server from rocky 8 to 9. I'm playing around
with a virtual machines as playground server and client, since I'd rather not
break my everything right away. As part of this, I first installed ipa-server
version 4.10.2-8.el9_3 on the server. Then I did an ipa-restore with a backup
from my production ipa server (rocky 8,
4.9.12-11.module+el8.9.0+1652+4ee71f6a), followed by an ipa-server-upgrade. All
is well so far (I think).
The client is running Debian bookworm with backports, where the latest
ipa-client version is 4.9.11-1. Then, I went with the usual ipa-client-install
--no-ntp, which fails with "Joining realm failed: Failed to parse result:
PrincipalName not found." after retrieving the CA cert.
The logs don't tell me much more, but the --debug flag does. It negotiates a
JSON-RPC response, in which it says '{... "principal": "[email protected]",
...}'. I note that principal != PrincipalName. Also note, that on the server,
the host /is/ added.
So I guess my question is: how much version skew between server and client is
supported?
Kind regards, and many thanks for the excellent software and support,
Peter Kroon
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
