Hello We've been trying to get IPA running on a RHEL6.2 zLinux (s390x). We've recompiled the RHEL6 SRPMS (including the 389 packages) for the architecture and eventually they installed. But when trying to set up the server, it fails when trying to create the KDC.
Configuring Kerberos KDC: Estimated time 30 seconds [1/14]: setting KDC account password [2/14]: adding sasl mappings to the directory [3/14]: adding kerberos entries to the DS [4/14]: adding default ACIs [5/14]: configuring KDC Failed to populate the realm structure in kerberos Command 'kdb5_ldap_util -D uid=kdc,cn=sysaccounts,cn=etc,dc=srv,dc=volvo,dc=com create -s -r SRV.VOLVO.COM -subtrees dc=srv,dc=volvo,dc=com -sscope sub' returned non-zero exit status 1 [6/14]: adding default keytypes root : CRITICAL Failed to load default-keytypes.ldif: Command '/usr/bin/ldapmodify -h zlin2011.srv.volvo.com -v -f /tmp/tmpERWFsx -x -D cn=Directory Manager -y /tmp/tmpC1RCfQ' returned non-zero exit status 32 [7/14]: adding default password policy root : CRITICAL Failed to load default-pwpolicy.ldif: Command '/usr/bin/ldapmodify -h zlin2011.srv.volvo.com -v -f /tmp/tmpPUNKLs -x -D cn=Directory Manager -y /tmp/tmpPcnobe' returned non-zero exit status 32 [8/14]: creating a keytab for the directory Unexpected error - see ipaserver-install.log for details: Command 'kadmin.local -q addprinc -randkey ldap/[email protected]' returned non-zero exit status 1 >From the dirsrv access log, we see the following line which differs from when >trying to install on x86_64 (where it works): [04/May/2012:15:22:27 +0200] conn=8 fd=66 slot=66 connection from local to /var/run/slapd-SRV-VOLVO-COM.socket [04/May/2012:15:22:27 +0200] conn=8 op=0 BIND dn="uid=kdc,cn=sysaccounts,cn=etc,dc=srv,dc=volvo,dc=com" method=128 version=3 [04/May/2012:15:22:27 +0200] conn=8 op=0 RESULT err=7 tag=97 nentries=0 etime=0 [04/May/2012:15:22:27 +0200] conn=8 op=-1 fd=66 closed - B1 Would anyone have a clue what could be wrong? -- David Juran <[email protected]> +46-725-345801 Sr. Consultant Red Hat
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
