On 02/02/2016 11:35 PM, Simpson Lachlan wrote:
> Hola,
> 
> Presuming a regular machine, I've started the join as per instructions:
> 
> yum install ipa-client
> 
> [root@vmts-linux1 ~]# ipa-client-install
> Error checking LDAP: Operations error: 000004DC: LdapErr: DSID-0C0906E8, 
> comment: In order to perform this operation a successful bind must be 
> completed on the connection., data 0, v1db1
> Discovery was successful!
> Client hostname: vmts-linux1.unix.example.org
> Realm: UNIX.EXAMPLE.ORG
> DNS Domain: unix.example.org
> IPA Server: dc1.example.org
> BaseDN: dc=unix,dc=example,dc=org
> 
> 
> There are two things here that I'd like to understand.
> 
> 1. There was an error, but the process seems to have been successful? Should 
> I be investigating that error or is it to be expected?

Hi Simpson,

I suspect that ipa-client-install had problems verifying a server during the
discovery, so it may have assumed some values itself, it probably did it wrong.
Details are in the ipaclient-install.log.

> 2. The IPA server is wrong - the machine it has found the PDC  server (with a 
> one way trust IPA->AD), but not the IPA server. I can only presume this is in 
> error and that I should run the command again explicitly stating the IPA 
> server?

So are you saying that FreeIPA actually discovered on an AD server? Do you DNS
domain with SRV records for FreeIPA set up? If yes, you can pass it via
"--domain" option of ipa-client-install, without using hard coded server list
via "--server" options.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to