Awesome that was the issue Rob. Thanks!
Matt -----Original Message----- From: Rob Crittenden [mailto:rcrit...@redhat.com] Sent: Wednesday, April 03, 2013 10:14 AM To: Joseph, Matthew (EXP); freeipa-users@redhat.com Subject: Re: EXTERNAL: Re: [Freeipa-users] Client Installation Error Joseph, Matthew (EXP) wrote: > Hey Rob, > > I updated my client's ipa, libcurl, and xmlrpc to what the server is using > that I listed below. > I am now getting the following error; > > Joining realm failed: HTTP response code is 401, not 200 > > On the server I looked at the krb5kdc.log to see if there was any > errors and I'm getting the following error; > > IPA_Server.domain.ca krb5kdc[2029](info): TGS_REQ (4 etypes {18 17 16 23}) > IP_ADDRESS_OF_CLIENT: UNKNOWN_SERVER: authtime 0, ad...@domain.ca for > HTTP/ipa_ser...@domain.ca, Server not found in Kerberos Database. > > I've checked on the server side and the client I'm trying to add is in DNS > and the host table. He can ping him fine so there is no issue with > communication. > > Any ideas? Any other logs/information I can provide you? It may be your obfuscation, but is it a FQDN in the HTTP service principal? It should be. If you're using /etc/hosts be sure that the FQDN version is first (so "foo.example.com foo" rather than "foo foo.example.com"). rob _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users