On (06/02/14 18:33), Shree wrote: >First of all, the ipa-replica-install did not allow me to use the --setup-ca > option complaining that a cert already exists, replicate creation was > successful after I skipped the option. >Seems like the replica is one except >1) There is no CA Service running on the replica (which I guess is expected) >and >2) I am unable to run ipa-client-install successfully on any clients using > the replica. (I don't have the option of using the primary master as it is > configured in a segregated environment. Only the master and replica are > allowed to sync. >Debug shows it fails at > >ipa : DEBUG stderr=kinit: Cannot contact any KDC for realm >'mydomainname.com' while getting initial credentials > >
I was not able to install replica witch CA on fedora 20, Bug is already reported https://fedorahosted.org/pki/ticket/816 Guys from dogtag found a workaround https://fedorahosted.org/pki/ticket/816#comment:12 Does it work for you? LS _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users