Hello all!!

I cannot get a RHEL5.10 client to install!

[root@hostname ~]# ipa-client-install --hostname=hostname.domain.com 
--no-ntp  --ca-cert-file=/etc/ipa/ca.crt
DNS domain 'doman.com' is not configured for automatic KDC address lookup.
KDC address will be set to fixed value.

Discovery was successful!
Hostname:hostname.com
Realm:DOMAIN.COM
DNS Domain: domain.com
IPA Server: ipaserver.com
BaseDN: dc=ipa,dc=dc,dc=sita,dc=com

Joining realm failed: SASL Bind failed Local error (-2) !
child exited with 9
Installation failed. Rolling back changes.


This is what the krb log had to say

Mar 08 06:24:00 ipaser...@domain.com krb5kdc[29358](info): TGS_REQ (1 
etypes {18}) 10.226.124.10: ISSUE: authtime 1394259840, etypes {rep=18 
tkt=18 ses=18}, rke...@domain.com for krbtgt/domain....@domain.com
Mar 08 06:24:00 ipaser...@domain.com krb5kdc[29357](info): TGS_REQ (4 
etypes {18 17 16 23}) 10.226.20.31: ISSUE: authtime 1394259840, etypes 
{rep=18 tkt=18 ses=18}, rke...@domain.com for 
ldap/ipaserver.domain....@domain.com
krb5kdc: Cannot determine realm for numeric host address - unable to find 
realm of host
Mar 08 06:24:00 ipaser...@domain.como krb5kdc[29358](info): TGS_REQ (7 
etypes {18 17 16 23 1 3 2}) 10.22.22.10: UNKNOWN_SERVER: authtime 0, 
rke...@ipa2.dc.sita.aero for ldap/10.226.20...@domain.com, Server not 
found in Kerberos database
Mar 08 06:24:00 ipaser...@domain.com krb5kdc[29357](info): TGS_REQ (7 
etypes {18 17 16 23 1 3 2}) 10.22.22.10: UNKNOWN_SERVER: authtime 0, 
rke...@ipa2.dc.sita.aero for ldap/10.226.20...@domain.com, Server not 
found in Kerberos database


After reviewing the https://access.redhat.com/site/solutions/231543 post 
IPA: Joining realm failed: SASL Bind failed Local error (-2) ! child 
exited with 9. I checked all my DNS info via dig and took a working DNS 
config from another server. Everything appears to be setup right. 


What could I be overlooking?

Thank You,
Rashard Kelly
SITA  Senior Linux Specialist


This document is strictly confidential and intended only for use by the
addressee unless otherwise stated.  If you are not the intended recipient,
please notify the sender immediately and delete it from your system.

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to