On 01/07/2013 11:00 AM, Natxo Asenjo wrote:
on a workstation *not* joined to the IPA domain but with the the ipa
admin tools installed I get this error when trying to modify dns
settings and I have a kerberos ticket of an admin user:
$ kinit user.ad...@unix.domain.tld
Password for user.ad...@unix.domain.tld
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: user.ad...@unix.domain.tld
Valid starting Expires Service principal
01/07/13 10:47:09 01/08/13 10:47:06 krbtgt/unix.domain....@unix.domain.tld
renew until 01/14/13 10:47:06
$ ipa dnsrecord-mod unix.domain.tld ipaclient01 --ttl=300
ipa: ERROR: Client is not configured. Run ipa-client-install.
Is this 'by design'? This limitation on the cli tool does not apply to
the web interface, by the way, that is, I can login the web interface
without being joined to the domain and modify all kind of stuff there
To be more specific: this is not a problem, I can run this command on
a joined host, but I was just curious.
Create a config file in /etc/ipa/default.conf or ~/.ipa/default.conf (or
somewhere else and point ipa to it using the -c option). Copy the
`xmlrpc_uri` line from a config on a master or joined machine there.
ipa should work then.
Freeipa-users mailing list