On 05/20/2013 05:18 PM, Guy Matz wrote: > Hi! I'm trying the following ipa-client-install: > [root@cpuppettest log]# hostname > cpuppettest > [root@cpuppettest log]# hostname -f > cpuppettest.collmedia.net > [root@cpuppettest log]# /usr/sbin/ipa-client-install > --domain=collmedia.net --enable-dns-updates --mkhomedir > --principal=HOST/cpuppettest.collmedia.net -w=secret
Did you pre create the client first yourself using ipa host-add? While creating it did you create an OTP for it? Is it 'secret'? I think it should also be -w secret without '=' For more details see: http://docs.fedoraproject.org/en-US/Fedora/17/html-single/FreeIPA_Guide/index.html#kickstart > --realm=COLLMEDIA.NET --server=ipadevmstr.collmedia.net --unattended > Discovery was successful! > Hostname: cpuppettest.collmedia.net > Realm: COLLMEDIA.NET > DNS Domain: collmedia.net > IPA Server: ipadevmstr.collmedia.net > BaseDN: dc=collmedia,dc=net > > > Synchronizing time with KDC... > > kinit: Client 'HOST/[email protected]' not found > in Kerberos database while getting initial credentials > > Installation failed. Rolling back changes. > IPA client is not configured on this system. > > and krb5kdc.log on the server says: > [root@ipadevmstr log]# tailf -n 1 krb5kdc.log > May 20 17:12:50 ipadevmstr.collmedia.net krb5kdc[1364](info): AS_REQ (4 > etypes {18 17 16 23}) 192.168.8.28: CLIENT_NOT_FOUND: > HOST/[email protected] for > krbtgt/[email protected], Client not found in Kerberos database > > However my IPA server does seem to know about this new client: > [root@ipadevmstr log]# ipa host-show cpuppettest.collmedia.net > Host name: cpuppettest.collmedia.net > Password: True > Keytab: False > Managed by: cpuppettest.collmedia.net > > Any thoughts would be greatly appreciated! > Thanks a lot, > Guy Matz > > P.S. - Does my client need to be 3.x? > [root@cpuppettest log]# uname -a > Linux cpuppettest 2.6.32-279.el6.x86_64 #1 SMP Fri Jun 22 12:19:21 UTC > 2012 x86_64 x86_64 x86_64 GNU/Linux > [root@cpuppettest log]# rpm -qa | grep ipa-client > ipa-client-2.2.0-16.el6.x86_64 It should work OK if it is latest patched 2.2 client. > and > [root@ipadevmstr log]# uname -a > Linux ipadevmstr.collmedia.net 2.6.32-279.22.1.el6.x86_64 #1 SMP Wed Feb > 6 03:10:46 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux > [root@ipadevmstr log]# rpm -qa | grep ipa-server > ipa-server-3.0.0-26.el6_4.2.x86_64 > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
