On Tue, 2011-03-29 at 00:08 +0000, Steven Jones wrote:
> Trying to set up a fed14 cleint and since DNS is on the AD server (dc0002)
> there is no dns_discovery....so as per doc I ran the install and it should
> ask me for the info....but it fails with,
> [root@fed14-64-cli01 yum.repos.d]# ipa-client-install
> DNS discovery failed to determine your DNS domain
> Please provide the domain name of your IPA server (ex: example.com): ipa.ac.nz
> Retrieving CA from dc0002.ipa.ac.nz failed.
> Command '/usr/bin/wget -O /tmp/tmpzR381G/ca.crt
> http://dc0002.ipa.ac.nz/ipa/config/ca.crt' returned non-zero exit status 4
> [root@fed14-64-cli01 yum.repos.d]#
> So its asking the dns server for the cert which doesnt have it instead of the
> ipa server....which does.
> I think the install script needs some work....
What is a content of _ldap._tcp.ipa.ac.nz DNS SRV record? IPA client
installation uses this DNS record in an autodiscovery of IPA server in
the given DNS domain.
You may want to check the DNS record or set the domain and server
# ipa-client-install --server=<your_IPA_server> --domain=<domain>
Freeipa-users mailing list