Justin, 

Thank you very much for the prompt response. The log output is as follows: 

2016-07-20T17:02:52Z DEBUG Starting external process 
2016-07-20T17:02:52Z DEBUG args='/usr/sbin/ipa-join' '-s' 'ldap.mydomain.com' 
'-b' 'dc=mydomain,dc=com' '-h' 'centostest.mydomain.com' 
2016-07-20T17:02:52Z DEBUG Process finished, return code=17 
2016-07-20T17:02:52Z DEBUG stdout= 
2016-07-20T17:02:52Z DEBUG stderr=HTTP response code is 403, not 200 

2016-07-20T17:02:52Z ERROR Joining realm failed: HTTP response code is 403, not 
200 

2016-07-20T17:02:52Z ERROR Installation failed. Rolling back changes. 
2016-07-20T17:02:52Z ERROR IPA client is not configured on this system. 

Regards, 
Rubin 

----- Original Message -----

From: "Justin Stephenson" <jstep...@redhat.com> 
To: "Rubin Binder" <rbin...@wooplagaming.com>, freeipa-users@redhat.com 
Sent: Wednesday, July 20, 2016 2:49:16 PM 
Subject: Re: [Freeipa-users] FreeIPA Client Install 403 error 

Could you please share with us the /var/log/ipaclient-install.log ? 

Kind regards, 

Justin Stephenson 


On 07/20/2016 01:23 PM, Rubin Binder wrote: 
> Hello all, 
> 
> I am testing Free IPA server for use under a test environment, so far smooth 
> sailing and have it up and running, no problems. 
> 
> The problem is occurring during client installation. I have installed the 
> ipa-client package on a clean CentOS 7 OS. When I execute 
> ipa-client-install... I get the following: 
> 
> Client hostname: centostest.mydomain.com 
> Realm: MYDOMAIN.COM 
> DNS Domain: mydomain.com 
> IPA Server: ldap.mydomain.com 
> BaseDN: dc=mydomain,dc=com 
> 
> Continue to configure the system with these values? [no]: yes 
> Skipping synchronizing time with NTP server. 
> User authorized to enroll computers: admin 
> Password for ad...@mydomain.com: 
> Successfully retrieved CA cert 
> Subject: CN=Certificate Authority,O=MYDOMAIN.COM 
> Issuer: CN=Certificate Authority,O=MYDOMAIN.COM 
> Valid From: Wed Jul 13 13:12:08 2016 UTC 
> Valid Until: Sun Jul 13 13:12:08 2036 UTC 
> 
> Joining realm failed: HTTP response code is 403, not 200 
> 
> Installation failed. Rolling back changes. 
> IPA client is not configured on this system. 
> 
> I can't make sense of why I'd be seeing a 403 error. I've done my share of 
> searching but have not found a similar issue. Some have report 401 errors in 
> some circumstances, but not 403. 
> 
> Has anyone seen this before. 
> 
> Thanks, 
> Rubin 
> 


-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to