subject:"\[Freeipa\-users\] Re\: new client setup"

[Freeipa-users] Re: new client setup

2018-03-06 Thread Andrew Meyer via FreeIPA-users

Florence,Thanks yeah I was able to telnet to port 389.  It was the TTL of the 
DNS records.  It finally flushed and worked.
Cheers! 

On Tuesday, March 6, 2018 3:34 PM, Florence Blanc-Renaud via FreeIPA-users 
 wrote:
 

 On 06/03/2018 21:39, Andrew Meyer via FreeIPA-users wrote:
> I am trying to add another client in my main location and getting the 
> following information:
> [user@freeipa01 ipa]$ sudo ipa-client-install --domain=stl1.example.net 
> --realm=stl1.example.net --mkhomedir --enable-dns-updates
> Skip infra-test-ipa.example.net.stl1.example.net: LDAP server is not 
> responding, unable to verify if this is an IPA server
> Skip infra-test-ipa2.example.net.stl1.example.net: LDAP server is not 
> responding, unable to verify if this is an IPA server
> Skip infra-test-ipa.example.net.stl1.example.net: LDAP server is not 
> responding, unable to verify if this is an IPA server
> Skip infra-test-ipa2.example.net.stl1.example.net: LDAP server is not 
> responding, unable to verify if this is an IPA server
> Provide your IPA server name (ex: ipa.example.com): ^CThe 
> ipa-client-install command failed. See /var/log/ipaclient-install.log 
> for more information
> [user@freeipa01 ipa]$
> 
> 
> [user@freeipa01 ~]$ sudo ipa-client-install --domain=example.net 
> --realm=example.net --mkhomedir --enable-dns-updates
> Skip infra-test-ipa.example.net: cannot verify if this is an IPA server
> Skip infra-test-ipa2.example.net: cannot verify if this is an IPA server
> Skip freeipa03.east.example.net: cannot verify if this is an IPA server
> Skip freeipa01.east.example.net: cannot verify if this is an IPA server
> Provide your IPA server name (ex: ipa.example.com): ^CThe 
> ipa-client-install command failed. See /var/log/ipaclient-install.log 
> for more information
> [user@freeipa01 ~]$
> 
> I have checked my /etc/resolv.conf and made sure that they are pointed 
> at the current local FreeIPA nameservers/resolvers.
> 
> Here is the output /var/log/ipaclient-install.log
> 
> [user@freeipa01 ~]$ sudo cat /var/log/ipaclient-install.log
> 2018-03-06T20:29:32Z DEBUG Logging to /var/log/ipaclient-install.log
> 2018-03-06T20:29:32Z DEBUG ipa-client-install was invoked with arguments 
> [] and options: {'no_dns_sshfp': False, 'force': False, 'verbose': 
> False, 'ip_addresses': None, 'configure_firefox': False, 'realm_name': 
> 'stl1.example.net', 'force_ntpd': False, 'on_master': False, 
> 'no_nisdomain': False, 'ssh_trust_dns': False, 'principal': None, 
> 'keytab': None, 'no_ntp': False, 'domain_name': 'stl1.example.net', 
> 'request_cert': False, 'fixed_primary': False, 'no_ac': False, 
> 'no_sudo': False, 'ca_cert_files': None, 'all_ip_addresses': False, 
> 'kinit_attempts': None, 'ntp_servers': None, 'enable_dns_updates': True, 
> 'no_sshd': False, 'no_sssd': False, 'no_krb5_offline_passwords': False, 
> 'servers': None, 'no_ssh': False, 'force_join': False, 'firefox_dir': 
> None, 'unattended': False, 'quiet': False, 'nisdomain': None, 
> 'prompt_password': False, 'host_name': None, 'permit': False, 
> 'automount_location': None, 'preserve_sssd': False, 'mkhomedir': True, 
> 'log_file': None, 'uninstall': False}
> 2018-03-06T20:29:32Z DEBUG IPA version 4.5.0-22.el7.centos
> 2018-03-06T20:29:32Z DEBUG Loading Index file from 
> '/var/lib/ipa-client/sysrestore/sysrestore.index'
> 2018-03-06T20:29:32Z DEBUG Starting external process
> 2018-03-06T20:29:32Z DEBUG args=/usr/sbin/selinuxenabled
> 2018-03-06T20:29:32Z DEBUG Process finished, return code=1
> 2018-03-06T20:29:32Z DEBUG stdout=
> 2018-03-06T20:29:32Z DEBUG stderr=
> 2018-03-06T20:29:32Z DEBUG Starting external process
> 2018-03-06T20:29:32Z DEBUG args=/bin/systemctl is-enabled chronyd.service
> 2018-03-06T20:29:32Z DEBUG Process finished, return code=1
> 2018-03-06T20:29:32Z DEBUG stdout=disabled
> 
> 2018-03-06T20:29:32Z DEBUG stderr=
> 2018-03-06T20:29:32Z DEBUG Starting external process
> 2018-03-06T20:29:32Z DEBUG args=/bin/systemctl is-active chronyd.service
> 2018-03-06T20:29:32Z DEBUG Process finished, return code=3
> 2018-03-06T20:29:32Z DEBUG stdout=unknown
> 
> 2018-03-06T20:29:32Z DEBUG stderr=
> 2018-03-06T20:29:37Z DEBUG [IPA Discovery]
> 2018-03-06T20:29:37Z DEBUG Starting IPA discovery with 
> domain=stl1.example.net, servers=None, hostname=freeipa01.stl1.example.net
> 2018-03-06T20:29:37Z DEBUG Search for LDAP SRV record in stl1.example.net
> 2018-03-06T20:29:37Z DEBUG Search DNS for SRV record of 
> _ldap._tcp.stl1.example.net
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 389 
> infra-test-ipa.example.net.stl1.example.net.
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 389 
> infra-test-ipa2.example.net.stl1.example.net.
> 2018-03-06T20:29:37Z DEBUG [Kerberos realm search]
> 2018-03-06T20:29:37Z DEBUG Kerberos realm forced
> 2018-03-06T20:29:37Z DEBUG Search DNS for SRV record of 
> _kerberos._udp.stl1.example.net
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 88 
>

[Freeipa-users] Re: new client setup

2018-03-06 Thread Florence Blanc-Renaud via FreeIPA-users


On 06/03/2018 21:39, Andrew Meyer via FreeIPA-users wrote:
I am trying to add another client in my main location and getting the 
following information:
[user@freeipa01 ipa]$ sudo ipa-client-install --domain=stl1.example.net 
--realm=stl1.example.net --mkhomedir --enable-dns-updates
Skip infra-test-ipa.example.net.stl1.example.net: LDAP server is not 
responding, unable to verify if this is an IPA server
Skip infra-test-ipa2.example.net.stl1.example.net: LDAP server is not 
responding, unable to verify if this is an IPA server
Skip infra-test-ipa.example.net.stl1.example.net: LDAP server is not 
responding, unable to verify if this is an IPA server
Skip infra-test-ipa2.example.net.stl1.example.net: LDAP server is not 
responding, unable to verify if this is an IPA server
Provide your IPA server name (ex: ipa.example.com): ^CThe 
ipa-client-install command failed. See /var/log/ipaclient-install.log 
for more information

[user@freeipa01 ipa]$


[user@freeipa01 ~]$ sudo ipa-client-install --domain=example.net 
--realm=example.net --mkhomedir --enable-dns-updates

Skip infra-test-ipa.example.net: cannot verify if this is an IPA server
Skip infra-test-ipa2.example.net: cannot verify if this is an IPA server
Skip freeipa03.east.example.net: cannot verify if this is an IPA server
Skip freeipa01.east.example.net: cannot verify if this is an IPA server
Provide your IPA server name (ex: ipa.example.com): ^CThe 
ipa-client-install command failed. See /var/log/ipaclient-install.log 
for more information

[user@freeipa01 ~]$

I have checked my /etc/resolv.conf and made sure that they are pointed 
at the current local FreeIPA nameservers/resolvers.


Here is the output /var/log/ipaclient-install.log

[user@freeipa01 ~]$ sudo cat /var/log/ipaclient-install.log
2018-03-06T20:29:32Z DEBUG Logging to /var/log/ipaclient-install.log
2018-03-06T20:29:32Z DEBUG ipa-client-install was invoked with arguments 
[] and options: {'no_dns_sshfp': False, 'force': False, 'verbose': 
False, 'ip_addresses': None, 'configure_firefox': False, 'realm_name': 
'stl1.example.net', 'force_ntpd': False, 'on_master': False, 
'no_nisdomain': False, 'ssh_trust_dns': False, 'principal': None, 
'keytab': None, 'no_ntp': False, 'domain_name': 'stl1.example.net', 
'request_cert': False, 'fixed_primary': False, 'no_ac': False, 
'no_sudo': False, 'ca_cert_files': None, 'all_ip_addresses': False, 
'kinit_attempts': None, 'ntp_servers': None, 'enable_dns_updates': True, 
'no_sshd': False, 'no_sssd': False, 'no_krb5_offline_passwords': False, 
'servers': None, 'no_ssh': False, 'force_join': False, 'firefox_dir': 
None, 'unattended': False, 'quiet': False, 'nisdomain': None, 
'prompt_password': False, 'host_name': None, 'permit': False, 
'automount_location': None, 'preserve_sssd': False, 'mkhomedir': True, 
'log_file': None, 'uninstall': False}

2018-03-06T20:29:32Z DEBUG IPA version 4.5.0-22.el7.centos
2018-03-06T20:29:32Z DEBUG Loading Index file from 
'/var/lib/ipa-client/sysrestore/sysrestore.index'

2018-03-06T20:29:32Z DEBUG Starting external process
2018-03-06T20:29:32Z DEBUG args=/usr/sbin/selinuxenabled
2018-03-06T20:29:32Z DEBUG Process finished, return code=1
2018-03-06T20:29:32Z DEBUG stdout=
2018-03-06T20:29:32Z DEBUG stderr=
2018-03-06T20:29:32Z DEBUG Starting external process
2018-03-06T20:29:32Z DEBUG args=/bin/systemctl is-enabled chronyd.service
2018-03-06T20:29:32Z DEBUG Process finished, return code=1
2018-03-06T20:29:32Z DEBUG stdout=disabled

2018-03-06T20:29:32Z DEBUG stderr=
2018-03-06T20:29:32Z DEBUG Starting external process
2018-03-06T20:29:32Z DEBUG args=/bin/systemctl is-active chronyd.service
2018-03-06T20:29:32Z DEBUG Process finished, return code=3
2018-03-06T20:29:32Z DEBUG stdout=unknown

2018-03-06T20:29:32Z DEBUG stderr=
2018-03-06T20:29:37Z DEBUG [IPA Discovery]
2018-03-06T20:29:37Z DEBUG Starting IPA discovery with 
domain=stl1.example.net, servers=None, hostname=freeipa01.stl1.example.net

2018-03-06T20:29:37Z DEBUG Search for LDAP SRV record in stl1.example.net
2018-03-06T20:29:37Z DEBUG Search DNS for SRV record of 
_ldap._tcp.stl1.example.net
2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 389 
infra-test-ipa.example.net.stl1.example.net.
2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 389 
infra-test-ipa2.example.net.stl1.example.net.

2018-03-06T20:29:37Z DEBUG [Kerberos realm search]
2018-03-06T20:29:37Z DEBUG Kerberos realm forced
2018-03-06T20:29:37Z DEBUG Search DNS for SRV record of 
_kerberos._udp.stl1.example.net
2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 88 
infra-test-ipa.example.net.stl1.example.net.
2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 88 
infra-test-ipa2.example.net.stl1.example.net.

2018-03-06T20:29:37Z DEBUG [LDAP server check]
2018-03-06T20:29:37Z DEBUG Verifying that 
infra-test-ipa.example.net.stl1.example.net (realm stl1.example.net) is 
an IPA server
2018-03-06T20:29:37Z DEBUG Init LDAP connection to: 
ldap://infra-test-ipa.example.net.stl1.example.net:389

[Freeipa-users] Re: new client setup

2018-03-06 Thread Rob Crittenden via FreeIPA-users

Andrew Meyer via FreeIPA-users wrote:
> I am trying to add another client in my main location and getting the
> following information:
> [user@freeipa01 ipa]$ sudo ipa-client-install --domain=stl1.example.net
> --realm=stl1.example.net --mkhomedir --enable-dns-updates
> Skip infra-test-ipa.example.net.stl1.example.net: LDAP server is not
> responding, unable to verify if this is an IPA server
> Skip infra-test-ipa2.example.net.stl1.example.net: LDAP server is not
> responding, unable to verify if this is an IPA server
> Skip infra-test-ipa.example.net.stl1.example.net: LDAP server is not
> responding, unable to verify if this is an IPA server
> Skip infra-test-ipa2.example.net.stl1.example.net: LDAP server is not
> responding, unable to verify if this is an IPA server
> Provide your IPA server name (ex: ipa.example.com): ^CThe
> ipa-client-install command failed. See /var/log/ipaclient-install.log
> for more information
> [user@freeipa01 ipa]$
> 
> 
> [user@freeipa01 ~]$ sudo ipa-client-install --domain=example.net
> --realm=example.net --mkhomedir --enable-dns-updates
> Skip infra-test-ipa.example.net: cannot verify if this is an IPA server
> Skip infra-test-ipa2.example.net: cannot verify if this is an IPA server
> Skip freeipa03.east.example.net: cannot verify if this is an IPA server
> Skip freeipa01.east.example.net: cannot verify if this is an IPA server
> Provide your IPA server name (ex: ipa.example.com): ^CThe
> ipa-client-install command failed. See /var/log/ipaclient-install.log
> for more information
> [user@freeipa01 ~]$
> 
> I have checked my /etc/resolv.conf and made sure that they are pointed
> at the current local FreeIPA nameservers/resolvers.  
> 
> Here is the output /var/log/ipaclient-install.log
> 
> [user@freeipa01 ~]$ sudo cat /var/log/ipaclient-install.log
> 2018-03-06T20:29:32Z DEBUG Logging to /var/log/ipaclient-install.log
> 2018-03-06T20:29:32Z DEBUG ipa-client-install was invoked with arguments
> [] and options: {'no_dns_sshfp': False, 'force': False, 'verbose':
> False, 'ip_addresses': None, 'configure_firefox': False, 'realm_name':
> 'stl1.example.net', 'force_ntpd': False, 'on_master': False,
> 'no_nisdomain': False, 'ssh_trust_dns': False, 'principal': None,
> 'keytab': None, 'no_ntp': False, 'domain_name': 'stl1.example.net',
> 'request_cert': False, 'fixed_primary': False, 'no_ac': False,
> 'no_sudo': False, 'ca_cert_files': None, 'all_ip_addresses': False,
> 'kinit_attempts': None, 'ntp_servers': None, 'enable_dns_updates': True,
> 'no_sshd': False, 'no_sssd': False, 'no_krb5_offline_passwords': False,
> 'servers': None, 'no_ssh': False, 'force_join': False, 'firefox_dir':
> None, 'unattended': False, 'quiet': False, 'nisdomain': None,
> 'prompt_password': False, 'host_name': None, 'permit': False,
> 'automount_location': None, 'preserve_sssd': False, 'mkhomedir': True,
> 'log_file': None, 'uninstall': False}
> 2018-03-06T20:29:32Z DEBUG IPA version 4.5.0-22.el7.centos
> 2018-03-06T20:29:32Z DEBUG Loading Index file from
> '/var/lib/ipa-client/sysrestore/sysrestore.index'
> 2018-03-06T20:29:32Z DEBUG Starting external process
> 2018-03-06T20:29:32Z DEBUG args=/usr/sbin/selinuxenabled
> 2018-03-06T20:29:32Z DEBUG Process finished, return code=1
> 2018-03-06T20:29:32Z DEBUG stdout=
> 2018-03-06T20:29:32Z DEBUG stderr=
> 2018-03-06T20:29:32Z DEBUG Starting external process
> 2018-03-06T20:29:32Z DEBUG args=/bin/systemctl is-enabled chronyd.service
> 2018-03-06T20:29:32Z DEBUG Process finished, return code=1
> 2018-03-06T20:29:32Z DEBUG stdout=disabled
> 
> 2018-03-06T20:29:32Z DEBUG stderr=
> 2018-03-06T20:29:32Z DEBUG Starting external process
> 2018-03-06T20:29:32Z DEBUG args=/bin/systemctl is-active chronyd.service
> 2018-03-06T20:29:32Z DEBUG Process finished, return code=3
> 2018-03-06T20:29:32Z DEBUG stdout=unknown
> 
> 2018-03-06T20:29:32Z DEBUG stderr=
> 2018-03-06T20:29:37Z DEBUG [IPA Discovery]
> 2018-03-06T20:29:37Z DEBUG Starting IPA discovery with
> domain=stl1.example.net, servers=None, hostname=freeipa01.stl1.example.net
> 2018-03-06T20:29:37Z DEBUG Search for LDAP SRV record in stl1.example.net
> 2018-03-06T20:29:37Z DEBUG Search DNS for SRV record of
> _ldap._tcp.stl1.example.net
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 389
> infra-test-ipa.example.net.stl1.example.net.
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 389
> infra-test-ipa2.example.net.stl1.example.net.
> 2018-03-06T20:29:37Z DEBUG [Kerberos realm search]
> 2018-03-06T20:29:37Z DEBUG Kerberos realm forced
> 2018-03-06T20:29:37Z DEBUG Search DNS for SRV record of
> _kerberos._udp.stl1.example.net
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 88
> infra-test-ipa.example.net.stl1.example.net.
> 2018-03-06T20:29:37Z DEBUG DNS record found: 0 100 88
> infra-test-ipa2.example.net.stl1.example.net.
> 2018-03-06T20:29:37Z DEBUG [LDAP server check]
> 2018-03-06T20:29:37Z DEBUG Verifying that
> infra-test-ipa.example.net.stl1.example.net (realm stl1.example.net) is
> an IPA

[Freeipa-users] Re: new client setup

[Freeipa-users] Re: new client setup

[Freeipa-users] Re: new client setup

3 matches

Site Navigation

Mail list logo

Footer information