I'm attempting to configure a CentOS6 box to talk to a RHEL6.2 IPA
server.  The IPA server has anonymous bind disabled since it's on the
public Internet.  When I run ipa-client-install, I get the following error:

---(snip!)---
[root@nen ~]# ipa-client-install --domain=OPENNMS.COM -w <pass>
root        : ERROR    LDAP Error: Connect error: TLS error
-8172:Unknown code ___f 20
Failed to verify that connect.opennms.com is an IPA Server.
This may mean that the remote server is not up or is not reachable
due to network or firewall settings.
Installation failed. Rolling back changes.
IPA client is not configured on this system.
---(snip!)---

I've tried without the -w, or with -W to see if that makes a difference.
I don't see any --help options that tell me how to go about telling it
to bind non-anonymously, AFAICT. Any ideas how this is supposed to work?
https://bugzilla.redhat.com/show_bug.cgi?id=741050 implies it should
figure it out on it's own...

client:
ipa-admintools-2.1.3-9.el6.x86_64
ipa-python-2.1.3-9.el6.x86_64
ipa-client-2.1.3-9.el6.x86_64

server:
ipa-pki-ca-theme-9.0.3-7.el6.noarch
ipa-server-2.1.3-9.el6.x86_64
ipa-client-2.1.3-9.el6.x86_64
ipa-pki-common-theme-9.0.3-7.el6.noarch
ipa-python-2.1.3-9.el6.x86_64
ipa-server-selinux-2.1.3-9.el6.x86_64
ipa-admintools-2.1.3-9.el6.x86_64

-- 
Benjamin Reed
The OpenNMS Group
http://www.opennms.org/

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to