subject:"\[Freeipa\-users\] FreeIpa client can't execute any command"

Re: [Freeipa-users] FreeIpa client can't execute any command

2017-01-09 Thread Petr Vobornik

On 01/09/2017 02:56 PM, Андрей Ривкин wrote:
> Hello everyone!
> 
> I'm new to FreeIpa, so if my question is very simple just point me to the 
> documentation.
> 
> I've installed FreeIpa on host demo3.xxx.com .
> Then registred some other host demo5.xxx.com . I've 
> used 
> ipa add host command.
> Then installed ipa-client and ipa-admin-tools demo5.
> Checked that they worked and were able to execute commands like kinit and ipa 
> host-find.
> 
> On the host demo3 I've restarted service ipa (service ipa restart).
> Now I'm able to execute  ipa host-find on demo3, but not able to execute this 
> command on demo3.
> I've done kinit by 'someadmin'.
> All ipa commands not working:
> 
> 
> [root@demo5 ~]# ipa -v -d
> ipa: DEBUG: Starting external process
> ipa: DEBUG: args=keyctl search @s user ipa_session_cookie:somead...@xxx.com 
> 
> ipa: DEBUG: Process finished, return code=1
> ipa: DEBUG: stdout=
> ipa: DEBUG: stderr=keyctl_search: Required key not available
> 
> ipa: DEBUG: failed to find session_cookie in persistent storage for principal 
> 'somead...@xxx.com '
> ipa: INFO: trying https://demo3.xxx.com/ipa/json
> ipa: DEBUG: Created connection context.rpcclient_41215888
> ipa: INFO: Forwarding 'schema' to json server 'https://demo3.xxx.com/ipa/json'
> ipa: DEBUG: Destroyed connection context.rpcclient_41215888
> ipa: ERROR: Service 'h...@demo3.xxx.com ' not 
> found 
> in Kerberos database
> 
> 
> It looks like my client is not connected to my server.
> Any ideas how to debug this situation?
> 
> P.S. Hosts - Centos 7. DNS on demo3.
> 
> Regards,
> Andrey
> 


Does following sequence work the same way on both demo3 and demo5?

 $ kdestroy -A
 $ kinit someadmin
 $ kvno HTTP/demo3.xxx.com

Does `ipactl status` show that all services are running fine?

-- 
Petr Vobornik

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] FreeIpa client can't execute any command

2017-01-09 Thread Андрей Ривкин

Hello everyone!

I'm new to FreeIpa, so if my question is very simple just point me to the
documentation.

I've installed FreeIpa on host demo3.xxx.com.
Then registred some other host demo5.xxx.com. I've used ipa add host
command.
Then installed ipa-client and ipa-admin-tools demo5.
Checked that they worked and were able to execute commands like kinit and
ipa host-find.

On the host demo3 I've restarted service ipa (service ipa restart).
Now I'm able to execute  ipa host-find on demo3, but not able to execute
this command on demo3.
I've done kinit by 'someadmin'.
All ipa commands not working:


[root@demo5 ~]# ipa -v -d
ipa: DEBUG: Starting external process
ipa: DEBUG: args=keyctl search @s user ipa_session_cookie:somead...@xxx.com
ipa: DEBUG: Process finished, return code=1
ipa: DEBUG: stdout=
ipa: DEBUG: stderr=keyctl_search: Required key not available

ipa: DEBUG: failed to find session_cookie in persistent storage for
principal 'somead...@xxx.com'
ipa: INFO: trying https://demo3.xxx.com/ipa/json
ipa: DEBUG: Created connection context.rpcclient_41215888
ipa: INFO: Forwarding 'schema' to json server '
https://demo3.xxx.com/ipa/json'
ipa: DEBUG: Destroyed connection context.rpcclient_41215888
ipa: ERROR: Service 'h...@demo3.xxx.com' not found in Kerberos database


It looks like my client is not connected to my server.
Any ideas how to debug this situation?

P.S. Hosts - Centos 7. DNS on demo3.

Regards,
Andrey
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIpa client can't execute any command

[Freeipa-users] FreeIpa client can't execute any command

2 matches

Site Navigation

Mail list logo

Footer information