Oliver Burtchen wrote:
Hi,

using clean F12 installtion with all updates and ipa 1.91-0.2010041617git671bb9c.fc12 on server and client:

Currently I'm unable to join a client, debug of ipa-client-install attached. Seems, there was a change in the protocol, and ipa-join gives to many arguments..

Best regards,
Oli




[r...@testclient ~]# ipa-client-install -d
root        : DEBUG    Loading Index file from '/var/lib/ipa-
client/sysrestore/sysrestore.index'
root        : DEBUG    [ipadnssearchldap(example.com)]
root        : DEBUG    [ipadnssearchkrb]
root        : DEBUG    [ipacheckldap]
root        : DEBUG    Init ldap with: ldap://services.example.com:389
root        : DEBUG    Search rootdse
root        : DEBUG    Search for (info=*) in dc=example.com(base)
root : DEBUG Found: [('dc=example.com', {'objectClass': ['top', 'domain', 'pilotObject', 'nisDomainObject', 'domainRelatedObject'], 'info': ['IPA V2.0'], 'associatedDomain': ['example.com'], 'dc': ['example.com'], 'nisDomain': ['example.com']})] root : DEBUG Search for (objectClass=krbRealmContainer) in dc=example.com(sub) root : DEBUG Found: [('cn=EXAMPLE.COM,cn=kerberos,dc=example.com', {'krbSubTrees': ['dc=example.com'], 'cn': ['EXAMPLE.COM'], 'krbDefaultEncSaltTypes': ['aes256-cts:normal', 'aes128-cts:normal', 'des3-
hmac-sha1:normal', 'arcfour-hmac:normal', 'des-hmac-sha1:normal', 'des-cbc-
md5:normal'], 'objectClass': ['top', 'krbrealmcontainer', 'krbticketpolicyaux'], 'krbSearchScope': ['2'], 'krbSupportedEncSaltTypes': ['aes256-cts:normal', 'aes128-cts:normal', 'des3-hmac-sha1:normal', 'arcfour-
hmac:normal', 'des-hmac-sha1:normal', 'des-cbc-md5:normal', 'des-cbc-
crc:normal', 'des-cbc-crc:v4', 'des-cbc-crc:afs3'], 'krbMaxTicketLife': ['86400'], 'krbMaxRenewableAge': ['604800']})]
Discovery was successful!
Realm: EXAMPLE.COM
DNS Domain: example.com
IPA Server: services.example.com
BaseDN: dc=example.com


Continue to configure the system with these values? [no]: y
Principal: admin
Password for ad...@example.com: root : INFO args=/usr/kerberos/bin/kinit ad...@example.com root : INFO stdout=Password for ad...@example.com:
root        : INFO     stderr=
root : INFO args=/usr/sbin/ipa-join -s services.example.com -d
root        : INFO     stdout=
root : INFO stderr=cannot open configuration file /etc/ipa/default.conf
XML-RPC CALL:

<?xml version="1.0" encoding="UTF-8"?>\r\n
<methodCall>\r\n
<methodName>join</methodName>\r\n
<params>\r\n
<param><value><string>testclient.example.com</string></value></param>\r\n
<param><value><struct>\r\n
<member><name>nsosversion</name>\r\n
<value><string>2.6.32.11-99.fc12.i686.PAE</string></value></member>\r\n
<member><name>nshardwareplatform</name>\r\n
<value><string>i686</string></value></member>\r\n
</struct></value></param>\r\n
</params>\r\n
</methodCall>\r\n

XML-RPC RESPONSE:

<?xml version='1.0' encoding='UTF-8'?>\n
<methodResponse>\n
<fault>\n
<value><struct>\n
<member>\n
<name>faultCode</name>\n
<value><int>3004</int></value>\n
</member>\n
<member>\n
<name>faultString</name>\n
<value><string>command 'join' takes at most 1 argument</string></value>\n
</member>\n
</struct></value>\n
</fault>\n
</methodResponse>\n

RPC failed at server.  command 'join' takes at most 1 argument

Joining realm failed: cannot open configuration file /etc/ipa/default.conf
XML-RPC CALL:

<?xml version="1.0" encoding="UTF-8"?>\r\n
<methodCall>\r\n
<methodName>join</methodName>\r\n
<params>\r\n
<param><value><string>testclient.example.com</string></value></param>\r\n
<param><value><struct>\r\n
<member><name>nsosversion</name>\r\n
<value><string>2.6.32.11-99.fc12.i686.PAE</string></value></member>\r\n
<member><name>nshardwareplatform</name>\r\n
<value><string>i686</string></value></member>\r\n
</struct></value></param>\r\n
</params>\r\n
</methodCall>\r\n

XML-RPC RESPONSE:

<?xml version='1.0' encoding='UTF-8'?>\n
<methodResponse>\n
<fault>\n
<value><struct>\n
<member>\n
<name>faultCode</name>\n
<value><int>3004</int></value>\n
</member>\n
<member>\n
<name>faultString</name>\n
<value><string>command 'join' takes at most 1 argument</string></value>\n
</member>\n
</struct></value>\n
</fault>\n
</methodResponse>\n

RPC failed at server.  command 'join' takes at most 1 argument
root        : INFO     args=/usr/kerberos/bin/kdestroy
root        : INFO     stdout=
root        : INFO     stderr=

I have a fix for this awaiting peer review on freeipa-devel titled "Use the certificate subject base in IPA when requesting certs in certmonger."

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to