04.05.2012 21:27, Baoli Ma kirjoitti: > Hi freeipa team members: > > I tried to join a Ubuntu12.04 to my freeipa domain, I got the > following errors: > > 2012-05-01 08:38:59,093 DEBUG Init ldap with: ldap://ds.mydomain.com:389 > 2012-05-01 08:38:59,121 ERROR LDAP Error: Connect error: A TLS packet > with unexpected length was received.
This is likely a bug in NSS, you need to enable SSL support on the 389 server: - shut dirsrv down - edit /etc/dirsrv/slapd-FOO/dse.ldif: - search for 'nsSSL3:', change the value to 'on' - save the file - start dirsrv ipa-client-install should work the next time. Details about this here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663127 thanks for the reminder to file a bug on the fedora nss package.. :) > if I do this: > sudo wget http://ds.mydomain.com/ipa/config/ca.crt -O > /usr/share/ca-certificates/ipa-ca.crt > > got this error: > > Joining realm failed: /usr/sbin/ipa-join: error while loading shared > libraries: libssh2.so.1: cannot open shared object file: No such file or > directory > Installation failed. Rolling back changes. > IPA client is not configured on this system. Dunno about that one, the client install script is somewhat noisy even when it succeeds, but works nevertheless. If there are issues with it, please file bugs on launchpad and I'll prepare a SRU for it. t _______________________________________________ Mailing list: https://launchpad.net/~freeipa Post to : firstname.lastname@example.org Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp