On (06/02/14 18:33), Shree wrote:
>First of all, the ipa-replica-install did not allow me to use the --setup-ca
> option complaining that a cert already exists, replicate creation was
> successful after I skipped the option.
>Seems like the replica is one except
>1) There is no CA Service running on the replica (which I guess is expected)
>2) I am unable to run ipa-client-install successfully on any clients using
> the replica. (I don't have the option of using the primary master as it is
> configured in a segregated environment. Only the master and replica are
> allowed to sync.
>Debug shows it fails at
>ipa : DEBUG stderr=kinit: Cannot contact any KDC for realm
>'mydomainname.com' while getting initial credentials
I was not able to install replica witch CA on fedora 20,
Bug is already reported https://fedorahosted.org/pki/ticket/816
Guys from dogtag found a workaround
Does it work for you?
Freeipa-users mailing list