"Run: klist -kt /etc/krb5.keytab to see what keys are available." It shows the master server and itself. "When you ran ipa-client-install were any errors reported?" None It appears that basic nss services aren't working. Can you do: id mdavidsonid: mdavidson: No such user getent passwd mdavidsonreturns nothing. ThanksMatt ---------------------------------------- > Date: Wed, 2 May 2012 10:17:02 -0400 > From: rcrit...@redhat.com > To: m...@mldserviceslex.com > CC: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] red hat 5 and red hat 6 compatability > > Matthew Davidson wrote: > > Greetings, > > > > Trying to get a Red Hat 5.8 server installed as a client to my Red Hat 6 > > server. > > > > The first problem was at the install. > > > > yum install ipa-client ipa-admintools > > > > *No ipa-admintools! The RHEL5 system is registered with Red Hat and I > > have searched the web.* > > There is no admin tools package for 5.x. Only a client enrollment script > is availab.e > > > But I went ahead with the installation and I have joined RHEL5 to the > > domain. > > > > From the command line. > > > > kinit mdavidson will log in. > > > > klist > > > > Ticket cache: FILE:/tmp/krb5cc_0 > > > > Default principal: mdavid...@example.com <mailto:mdavid...@example.com> > > > > Looks good but I cannot setup ssh and ssh is essential. > > > > I assume it’s because I cannot perform this part of the steps. > > > > http://bit.ly/Ivxxwj : Procedure 1.5. To configure a Red Hat Enterprise > > Linux 5 IPA client for incoming SSH connections: > > > > The IPA client installation process configures the NTP service by > > default, but you should ensure that time on the IPA client and server is > > synchronized. If it is not, run the following commands on the IPA client: > > > > # service ntpd stop > > > > # ntpdate -s -p 8 -u ipaserver.example.com > > > > # service ntpd start > > > > Note > > > > The ntpdate command does not work if ntpd is running. > > > > Obtain a Kerberos ticket for the admin user. > > > > # kinit admin > > > > Add a host service principal on the IPA client. > > > > # ipa-addservice host/ipaclient.example.com *(My error is -bash: ipa: > > command not found)* > > > > Retrieve the keytab. > > > > # ipa-getkeytab -s ipaserver.example.com -p host/ipaclient.example.com > > -k /etc/krb5.keytab *(My error is -bash: ipa: command not found)* > > These instructions are for IPA v1. I don't know why you get an error > message about ipa not found when running ipa-<something> though. > > The client installer should have already created a host service > principal. Run: klist -kt /etc/krb5.keytab to see what keys are available. > > When you ran ipa-client-install were any errors reported? > > It appears that basic nss services aren't working. Can you do: > > id mdavidson > getent passwd mdavidson > > If these don't work then sssd won't either (nor anything else). > > rob > > > > > From RHEL5 /var/log/secure: > > > > May 1 14:09:41 wkylexsys21 sshd[2984]: Invalid user mdavidson from > > 192.168.1.110 > > > > May 1 14:09:41 wkylexsys21 sshd[2985]: input_userauth_request: invalid > > user mdavidson > > > > May 1 14:09:46 wkylexsys21 sshd[2984]: pam_unix(sshd:auth): check pass; > > user unknown > > > > May 1 14:09:46 wkylexsys21 sshd[2984]: pam_unix(sshd:auth): > > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > > rhost=rhel6.example.com > > > > May 1 14:09:46 wkylexsys21 sshd[2984]: pam_succeed_if(sshd:auth): error > > retrieving information about user mdavidson > > > > May 1 14:09:48 wkylexsys21 sshd[2984]: Failed password for invalid user > > mdavidson from 192.168.1.110 port 58959 ssh2 > > > > May 1 14:10:04 wkylexsys21 sshd[2984]: Failed password for invalid user > > mdavidson from 192.168.1.110 port 58959 ssh2 > > > > May 1 14:10:09 wkylexsys21 sshd[2984]: pam_unix(sshd:auth): check pass; > > user unknown > > > > May 1 14:10:09 wkylexsys21 sshd[2984]: pam_succeed_if(sshd:auth): error > > retrieving information about user mdavidson > > > > May 1 14:10:10 wkylexsys21 sshd[2984]: Failed password for invalid user > > mdavidson from 192.168.1.110 port 58959 ssh2 > > > > May 1 14:10:22 wkylexsys21 sshd[2984]: pam_unix(sshd:auth): check pass; > > user unknown > > > > May 1 14:10:22 wkylexsys21 sshd[2984]: pam_succeed_if(sshd:auth): error > > retrieving information about user mdavidson > > > > May 1 14:10:24 wkylexsys21 sshd[2984]: Failed password for invalid user > > mdavidson from 192.168.1.110 port 58959 ssh2 > > > > DNS works. > > > > ntpd is running. > > > > I checked all the configuration files. > > > > I have searched for ipa-admintools and I’m sure this is why I cannot run > > the ipa commands in step 1.5. > > > > What am I missing? Any thoughts or suggestions? > > > > Matt > > > > > > > > _______________________________________________ > > Freeipa-users mailing list > > Freeipa-users@redhat.com > > https://www.redhat.com/mailman/listinfo/freeipa-users >
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users