On 02/18/2013 09:06 PM, John Moyer wrote:
The client is pointing to DNS for the server. Here is the log info
from the ipa-client-log (in /var/log/). I haven't tried the other stuff
yet, I'll respond back when I get a chance to check out the CA cert things.
2013-02-19T02:01:37Z DEBUG args=kinit ipa-b...@example.com
When the client installer tries to retrieve the CA cert from LDAP it
uses a GSSAPI bind and they error you're getting is that it cannot
perform a bind with the credentials from above.
Did you provide the password for ipa-bind? Are you running the client
Is the realm EXAMPLE.COM really correct?
Are you able to do a kinit for ipa-b...@example.com on the client
Are your kerberos ports open?
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
Freeipa-users mailing list