Could you please share with us the /var/log/ipaclient-install.log ?
Kind regards, Justin Stephenson On 07/20/2016 01:23 PM, Rubin Binder wrote:
Hello all, I am testing Free IPA server for use under a test environment, so far smooth sailing and have it up and running, no problems. The problem is occurring during client installation. I have installed the ipa-client package on a clean CentOS 7 OS. When I execute ipa-client-install... I get the following: Client hostname: centostest.mydomain.com Realm: MYDOMAIN.COM DNS Domain: mydomain.com IPA Server: ldap.mydomain.com BaseDN: dc=mydomain,dc=com Continue to configure the system with these values? [no]: yes Skipping synchronizing time with NTP server. User authorized to enroll computers: admin Password for ad...@mydomain.com: Successfully retrieved CA cert Subject: CN=Certificate Authority,O=MYDOMAIN.COM Issuer: CN=Certificate Authority,O=MYDOMAIN.COM Valid From: Wed Jul 13 13:12:08 2016 UTC Valid Until: Sun Jul 13 13:12:08 2036 UTC Joining realm failed: HTTP response code is 403, not 200 Installation failed. Rolling back changes. IPA client is not configured on this system. I can't make sense of why I'd be seeing a 403 error. I've done my share of searching but have not found a similar issue. Some have report 401 errors in some circumstances, but not 403. Has anyone seen this before. Thanks, Rubin
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project