Hi,

I tried to join my first client (another fully patched F15, like the ipa-server).

Joining realm failed because of failing XML-RPC request.
  This error may be caused by incompatible server/client major versions.




[root@chessur ~]# ipa-client-install --debug --enable-dns-updates
root        : DEBUG    /usr/sbin/ipa-client-install was invoked with
options: {'conf_ntp': True, 'domain': None, 'uninstall': False, 'force':
False, 'sssd': True, 'hostname': None, 'permit': False, 'server': None,
'prompt_password': False, 'realm_name': None, 'dns_updates': True,
'debug': True, 'on_master': False, 'ntp_server': None, 'mkhomedir':
False, 'unattended': None, 'principal': None}
root        : DEBUG    missing options might be asked for interactively
later

root        : DEBUG    Loading Index file from
'/var/lib/ipa-client/sysrestore/sysrestore.index'

^C^C^C^C^C^C^C^C^C[root@chessur ~]# ipa-client-install --debug
--enable-dns-updates
root        : DEBUG    /usr/sbin/ipa-client-install was invoked with
options: {'conf_ntp': True, 'domain': None, 'uninstall': False, 'force':
False, 'sssd': True, 'hostname': None, 'permit': False, 'server': None,
'prompt_password': False, 'realm_name': None, 'dns_updates': True,
'debug': True, 'on_master': False, 'ntp_server': None, 'mkhomedir':
False, 'unattended': None, 'principal': None}
root        : DEBUG    missing options might be asked for interactively
later

root        : DEBUG    Loading Index file from
'/var/lib/ipa-client/sysrestore/sysrestore.index'
root        : DEBUG    [ipadnssearchldap(vorlon.lan)]
root        : DEBUG    [ipadnssearchkrb]
root        : DEBUG    [ipacheckldap]
root        : DEBUG    args=/usr/bin/wget -O /tmp/tmpLob8Sc/ca.crt
http://zerberus.vorlon.lan/ipa/config/ca.crt
root        : DEBUG    stdout=
root        : DEBUG    stderr=--2011-07-26 15:34:18--
http://zerberus.vorlon.lan/ipa/config/ca.crt
Auflösen des Hostnamen »zerberus.vorlon.lan«.... 192.168.0.230
Verbindungsaufbau zu zerberus.vorlon.lan|192.168.0.230|:80... verbunden.
HTTP Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 767 [application/x-x509-ca-cert]
In »»/tmp/tmpLob8Sc/ca.crt«« speichern.

     0K                                                       100% 96,8M=0s

2011-07-26 15:34:18 (96,8 MB/s) - »»/tmp/tmpLob8Sc/ca.crt«« gespeichert
[767/767]


root        : DEBUG    Init ldap with: ldap://zerberus.vorlon.lan:389
root        : DEBUG    Search rootdse
root        : DEBUG    Search for (info=*) in dc=vorlon,dc=lan(base)
root        : DEBUG    Found: [('dc=vorlon,dc=lan', {'objectClass':
['top', 'domain', 'pilotObject', 'nisDomainObject',
'domainRelatedObject'], 'info': ['IPA V2.0'], 'associatedDomain':
['vorlon.lan'], 'dc': ['vorlon'], 'nisDomain': ['vorlon.lan']})]
root        : DEBUG    Search for (objectClass=krbRealmContainer) in
dc=vorlon,dc=lan(sub)
root        : DEBUG    Found:
[('cn=VORLON.LAN,cn=kerberos,dc=vorlon,dc=lan', {'krbSubTrees':
['dc=vorlon,dc=lan'], 'cn': ['VORLON.LAN'], 'krbDefaultEncSaltTypes':
['aes256-cts:special', 'aes128-cts:special', 'des3-hmac-sha1:special',
'arcfour-hmac:special'], 'objectClass': ['top', 'krbrealmcontainer',
'krbticketpolicyaux'], 'krbSearchScope': ['2'],
'krbSupportedEncSaltTypes': ['aes256-cts:normal', 'aes256-cts:special',
'aes128-cts:normal', 'aes128-cts:special', 'des3-hmac-sha1:normal',
'des3-hmac-sha1:special', 'arcfour-hmac:normal', 'arcfour-hmac:special',
'des-hmac-sha1:normal', 'des-cbc-md5:normal', 'des-cbc-crc:normal',
'des-cbc-crc:v4', 'des-cbc-crc:afs3'], 'krbMaxTicketLife': ['86400'],
'krbMaxRenewableAge': ['604800']})]
root        : DEBUG    will use domain: vorlon.lan

root        : DEBUG    will use server: zerberus.vorlon.lan

Discovery was successful!
root        : DEBUG    will use cli_realm: VORLON.LAN

root        : DEBUG    will use cli_basedn: dc=vorlon,dc=lan

Hostname: chessur.vorlon.lan
Realm: VORLON.LAN
DNS Domain: vorlon.lan
IPA Server: zerberus.vorlon.lan
BaseDN: dc=vorlon,dc=lan


Continue to configure the system with these values? [no]: yes
Enrollment principal: admin
root        : DEBUG    will use principal: admin

root        : DEBUG    args=/usr/bin/wget -O /etc/ipa/ca.crt
http://zerberus.vorlon.lan/ipa/config/ca.crt
root        : DEBUG    stdout=
root        : DEBUG    stderr=--2011-07-26 15:34:28--
http://zerberus.vorlon.lan/ipa/config/ca.crt
Auflösen des Hostnamen »zerberus.vorlon.lan«.... 192.168.0.230
Verbindungsaufbau zu zerberus.vorlon.lan|192.168.0.230|:80... verbunden.
HTTP Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 767 [application/x-x509-ca-cert]
In »»/etc/ipa/ca.crt«« speichern.

     0K                                                       100% 64,6M=0s

2011-07-26 15:34:28 (64,6 MB/s) - »»/etc/ipa/ca.crt«« gespeichert [767/767]


root        : DEBUG    Writing Kerberos configuration to /tmp/tmphXdPGl:
#File modified by ipa-client-install

[libdefaults]
  default_realm = VORLON.LAN
  dns_lookup_realm = true
  dns_lookup_kdc = true
  rdns = false
  ticket_lifetime = 24h
  forwardable = yes

[realms]
  VORLON.LAN = {
    pkinit_anchors = FILE:/etc/ipa/ca.crt
  }

[domain_realm]
  .vorlon.lan = VORLON.LAN
  vorlon.lan = VORLON.LAN

[appdefaults]
  pam = {
    debug = false
    ticket_lifetime = 36000
    renew_lifetime = 36000
    forwardable = true
    krb4_convert = false
  }

Password for ad...@vorlon.lan:
root        : DEBUG    args=kinit ad...@vorlon.lan
root        : DEBUG    stdout=Password for ad...@vorlon.lan:

root        : DEBUG    stderr=

root        : DEBUG    args=/usr/sbin/ipa-join -s zerberus.vorlon.lan -d
root        : DEBUG    stdout=
root        : DEBUG    stderr=XML-RPC CALL:

<?xml version="1.0" encoding="UTF-8"?>\r\n
<methodCall>\r\n
<methodName>join</methodName>\r\n
<params>\r\n
<param><value><array><data>\r\n
<value><string>chessur.vorlon.lan</string></value>\r\n
</data></array></value></param>\r\n
<param><value><struct>\r\n
<member><name>nsosversion</name>\r\n
<value><string>2.6.38.8-35.fc15.x86_64</string></value></member>\r\n
<member><name>nshardwareplatform</name>\r\n
<value><string>x86_64</string></value></member>\r\n
</struct></value></param>\r\n
</params>\r\n
</methodCall>\r\n

HTTP response code is 500, not 200

Joining realm failed because of failing XML-RPC request.
  This error may be caused by incompatible server/client major versions.
root        : DEBUG    args=kdestroy
root        : DEBUG    stdout=
root        : DEBUG    stderr=
[root@chessur ~]#


cu romal

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to