On 16/04/13 09:18, Martin Kosek wrote:
In fact, the wrong situation was the DNS server already poiting to another Kerberos/Ldap server using SRV registers.I am glad to hear that.Can you please describe what exactly was wrong in the DNS? We already do several DNS checks which should prevent errors caused by misconfigured DNS.
[...] $ORIGIN _tcp.cica.es. $TTL 600 ; 10 minutes _gc SRV 0 100 3268 AD.cica.es. _kerberos SRV 0 100 88 AD.cica.es. _kpasswd SRV 0 100 464 AD.cica.es. _ldap SRV 0 100 389 AD.cica.es. [...]This was an old setting, not valid anymore, since the server "ad.cica.es" doesn't exist.
FreeIPA server being installed was called "sheldon.cica.es"The server installation script detected this, causing that strange behaviour.
I think its just a lazy sysadmin who didn't delete the old SRV registers :-) Best regards. -- Arturo Borrero González Departamento de Seguridad Informática Centro Informático Científico de Andalucía (CICA) Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain) Tfno.: +34 955 056 600 / FAX: +34 955 056 650 Consejería de Economía, Innovación, Ciencia y Empleo Junta de Andalucía
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users