[Freeipa-users] Joining realm failed: Host is already joined
Hello all, When I do ipa-client-install on a client with previous unsuccessful installation, I get this error message: Joining realm failed: Host is already joined. Installation failed. Rolling back changes. IPA client is not configured on this system. How do I clean up the machine for a clean installation? I tried ipa-client-install --uninstall but get this: IPA client is not configured on this system. Thanks, George ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Joining realm failed: Host is already joined
Hello Rob, Here is what I get by running the commands: # klist -kt /etc/krb5.keytab Keytab name: FILE:/etc/krb5.keytab KVNO Timestamp Principal - # ipa-rmkeytab -k /etc/krb5.keytab -r MYREALM realm not found # I thought the commands didn't solve the problem, but when I run ipa-client-install again, it says at the end Client configuration complete. and it was found on the server by ipa host-find. So I guess the problem is gone. Your help is very appreciated. George From: Rob Crittenden rcrit...@redhat.com To: george he george_...@yahoo.com Cc: Petr Viktorin pvikt...@redhat.com; freeipa-users@redhat.com freeipa-users@redhat.com Sent: Thursday, June 21, 2012 11:18 AM Subject: Re: [Freeipa-users] Joining realm failed: Host is already joined george he wrote: Thanks Petr, Now it says: Failed to obtain host TGT. Installation failed. Rolling back changes. I did the manual installation on this machine when the ipa-client-install script failed. I guess there's a lot to clean up :( /var/log/ipaclient-install.log may have more details on the failure. It could be that you have a lingering host principal. Run klist -kt /etc/krb5.keytab. To remove all principals for your realm from this keytab run: # ipa-rmkeytab -k /etc/krb5.keytab -r YOUR_REALM rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Joining realm failed: Host is already joined
On 06/21/2012 11:43 AM, george he wrote: Hello Rob, Here is what I get by running the commands: # klist -kt /etc/krb5.keytab Keytab name: FILE:/etc/krb5.keytab KVNO Timestamp Principal - # ipa-rmkeytab -k /etc/krb5.keytab -r MYREALM realm not found # I thought the commands didn't solve the problem, but when I run ipa-client-install again, it says at the end Client configuration complete. and it was found on the server by ipa host-find. So I guess the problem is gone. Your help is very appreciated. George *From:* Rob Crittenden rcrit...@redhat.com *To:* george he george_...@yahoo.com *Cc:* Petr Viktorin pvikt...@redhat.com; freeipa-users@redhat.com freeipa-users@redhat.com *Sent:* Thursday, June 21, 2012 11:18 AM *Subject:* Re: [Freeipa-users] Joining realm failed: Host is already joined george he wrote: Thanks Petr, Now it says: Failed to obtain host TGT. Installation failed. Rolling back changes. I did the manual installation on this machine when the ipa-client-install script failed. I guess there's a lot to clean up :( /var/log/ipaclient-install.log may have more details on the failure. It could be that you have a lingering host principal. Run klist -kt /etc/krb5.keytab. To remove all principals for your realm from this keytab run: # ipa-rmkeytab -k /etc/krb5.keytab -r YOUR_REALM rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users Rob, IMO for cases like this we should have a page about how to wipe out the client manually. In the past I ran the uninstall several times in a row and sometimes it helped. -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users