On Fri, 2011-06-24 at 10:28 +0200, Pieter Baele wrote: > On Thu, Jun 23, 2011 at 19:59, Rob Crittenden <rcrit...@redhat.com> wrote: > > Pieter Baele wrote: > >> > >> My new freeipa installation is working (server + kinit on a host where > >> I configured krb5.conf manually) > >> but ipa-client-install gives the typical Kerberos error: > >> > >> kinit: Client not found in Kerberos database while getting initial > >> credentials > >> > >> Both hosts are resolvable > > > > I'd suggest looking at /var/log/krb5kdc.log on the server after trying a > > kinit. This should tell you the name it is trying to resolve. > > > > rob > > > > About this issue, nothing is logged in /var/log/krb5kdc.log..... > > I used this command now: > ipa-client-install --server ipa1.example.org --domain example.org -p > pieterb -W -d > > User 'pieterb' exists and has admin privileges > > > Password for piet...@example.org > root : DEBUG args=kinit piet...@example.org > root : DEBUG stdout= > root : DEBUG stderr=kinit: Client not found in Kerberos > database while getting initial credentials > > > root : DEBUG args=kdestroy > root : DEBUG stdout= > root : DEBUG stderr=kdestroy: No credentials cache found > while destroying cache > > kinit: Client not found in Kerberos database while getting initial credentials >
Is pieterb a user you added in your IPA server or its just in your local master machine local files (/etc/passwd)? I.e. can you run `ipa user-show pieterb`? What if you run ipa-client-install with "-p admin" instead of "-p pieterb" - does it work? Martin _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users