Re: [Freeipa-users] adding ubuntu client to red hat server
On 21.2.2014 19:51, Will Sheldon wrote: Do you have your IPA server set as the name server for the client in /etc/resolv.conf ? Did you run command "ipa dnszone-mod example.com. --dynamic-updates=TRUE" on your IPA server? /var/log/ipaclient-install.log should contain some hints. Petr^2 Spacek This is my install script, it may help you a bit. It does need a bit more work http://pastebin.com/mqdTZ3RU Ideally I’d like to convert it to an ansible playbook and have it from from the IPA host. Slightly unrelated, but have a read of this ticket, it makes some good suggestions at the bottom: https://bugs.launchpad.net/bugs/1280215 Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:55 AM, Todd Maugh wrote: OK I got it to go through with this but i don't understand the errors cause it didn't seem to work. Domain boingo.com (http://boingo.com) is already configured in existing SSSD config, creating a new one. The old /etc/sssd/sssd.conf is backed up and will be restored during uninstall. Configured /etc/sssd/sssd.conf Configured /etc/krb5.conf for IPA realm BOINGO.COM trying https://se-idm-01.boingo.com/ipa/xml Forwarding 'env' to server u'https://se-idm-01.boingo.com/ipa/xml' Hostname (se-idm-ubuntu-client-01.boingo.com (http://se-idm-ubuntu-client-01.boingo.com)) not found in DNS Failed to update DNS records. certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list' Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' Could not update DNS SSHFP records. From: Will Sheldon [m...@willsheldon.com (mailto:m...@willsheldon.com)] Sent: Friday, February 21, 2014 9:46 AM To: Todd Maugh Cc: freeipa-users@redhat.com (mailto:freeipa-users@redhat.com) Subject: Re: [Freeipa-users] adding ubuntu client to red hat server I also ran into this problem. I ended up using vm’s to test and just reverting to snapshots. I believe that the install script checks for presence a couple of files that you can delete to be able retry though, have a look in the install script. (Also, did you try with ‘—force'?) Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:42 AM, Todd Maugh wrote: thanks IM trying that but running in to an issue where it says im still installed I run the uninstall command and I get this root@se-idm-ubuntu-client-01:~# ipa-client-install --uninstall Unconfigured automount client failed: [Errno 2] No such file or directory certmonger failed to start: [Errno 2] No such file or directory: '/var/run/ipa/services.list' certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list' Disabling client Kerberos and LDAP configurations Failed to remove krb5/LDAP configuration: isnt there a conf file I can remove or a a way to force the uninstall? From: Will Sheldon [m...@willsheldon.com (mailto:m...@willsheldon.com)] Sent: Friday, February 21, 2014 9:32 AM To: Todd Maugh Cc: freeipa-users@redhat.com (mailto:freeipa-users@redhat.com) Subject: Re: [Freeipa-users] adding ubuntu client to red hat server I ran into this, there was a post bout it a little while back. It seems that you can modify ipapython/version.py to revert the version number for enrolment, then revert it. with no ill effects. My script looks like: #revert reported version of ipapython so keys will upload properly (backup first tho) cp /usr/share/pyshared/ipapython/version.py /usr/share/pyshared/ipapython/version.py.bak sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" /usr/share/pyshared/ipapython/version.py # install! ipa-client-install -d -U --enable-dns-updates --hostname=$FQDN --mkhomedir --password=$PASS #revert change to the ipapython version back again #rm -f /usr/share/pyshared/ipapython/version.py && mv /usr/share/pyshared/ipapython/version.py.bak /usr/share/pyshared/ipapython/version.py Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:20 AM, Todd Maugh wrote: Hello, Another day another issue it seems :) so I'm trying to set up an ubunutu client I get almost all the way through the install and it fails with a version error. Ive hear this is a known bug and there is a fix out there. although Im not sure how to apply the fix or get the older client install. my error is as follows: Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' host_mod: 2.58 client incompatible with 2.49 server at u'https://se-idm-01.boin
Re: [Freeipa-users] adding ubuntu client to red hat server
Do you have your IPA server set as the name server for the client in /etc/resolv.conf ? This is my install script, it may help you a bit. It does need a bit more work http://pastebin.com/mqdTZ3RU Ideally I’d like to convert it to an ansible playbook and have it from from the IPA host. Slightly unrelated, but have a read of this ticket, it makes some good suggestions at the bottom: https://bugs.launchpad.net/bugs/1280215 Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:55 AM, Todd Maugh wrote: > OK I got it to go through with this > > but i don't understand the errors cause it didn't seem to work. > > Domain boingo.com (http://boingo.com) is already configured in existing SSSD > config, creating a new one. > The old /etc/sssd/sssd.conf is backed up and will be restored during > uninstall. > Configured /etc/sssd/sssd.conf > Configured /etc/krb5.conf for IPA realm BOINGO.COM > trying https://se-idm-01.boingo.com/ipa/xml > Forwarding 'env' to server u'https://se-idm-01.boingo.com/ipa/xml' > Hostname (se-idm-ubuntu-client-01.boingo.com > (http://se-idm-ubuntu-client-01.boingo.com)) not found in DNS > Failed to update DNS records. > certmonger failed to stop: [Errno 2] No such file or directory: > '/var/run/ipa/services.list' > Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub > Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub > Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub > Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' > Could not update DNS SSHFP records. > > > From: Will Sheldon [m...@willsheldon.com (mailto:m...@willsheldon.com)] > Sent: Friday, February 21, 2014 9:46 AM > To: Todd Maugh > Cc: freeipa-users@redhat.com (mailto:freeipa-users@redhat.com) > Subject: Re: [Freeipa-users] adding ubuntu client to red hat server > > I also ran into this problem. I ended up using vm’s to test and just > reverting to snapshots. > > I believe that the install script checks for presence a couple of files that > you can delete to be able retry though, have a look in the install script. > (Also, did you try with ‘—force'?) > > > Kind regards, > > Will Sheldon > +1.778-689-1244 > > > On Friday, February 21, 2014 at 9:42 AM, Todd Maugh wrote: > > > thanks IM trying that but running in to an issue where it says im still > > installed I run the uninstall command and I get this > > > > root@se-idm-ubuntu-client-01:~# ipa-client-install --uninstall > > Unconfigured automount client failed: [Errno 2] No such file or directory > > certmonger failed to start: [Errno 2] No such file or directory: > > '/var/run/ipa/services.list' > > certmonger failed to stop: [Errno 2] No such file or directory: > > '/var/run/ipa/services.list' > > Disabling client Kerberos and LDAP configurations > > Failed to remove krb5/LDAP configuration: > > > > isnt there a conf file I can remove or a a way to force the uninstall? > > > > > > From: Will Sheldon [m...@willsheldon.com (mailto:m...@willsheldon.com)] > > Sent: Friday, February 21, 2014 9:32 AM > > To: Todd Maugh > > Cc: freeipa-users@redhat.com (mailto:freeipa-users@redhat.com) > > Subject: Re: [Freeipa-users] adding ubuntu client to red hat server > > > > > > I ran into this, there was a post bout it a little while back. It seems > > that you can modify ipapython/version.py to revert the version number for > > enrolment, then revert it. with no ill effects. > > > > My script looks like: > > > > #revert reported version of ipapython so keys will upload properly (backup > > first tho) > > cp /usr/share/pyshared/ipapython/version.py > > /usr/share/pyshared/ipapython/version.py.bak > > sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" > > /usr/share/pyshared/ipapython/version.py > > > > # install! > > ipa-client-install -d -U --enable-dns-updates --hostname=$FQDN --mkhomedir > > --password=$PASS > > > > #revert change to the ipapython version back again > > #rm -f /usr/share/pyshared/ipapython/version.py && mv > > /usr/share/pyshared/ipapython/version.py.bak > > /usr/share/pyshared/ipapython/version.py > > > > > > > > > > > > Kind regards, > > > > Will Sheldon > > +1.778-689-1244 > > > > > > On Friday, February 21, 2014 at 9:20 AM, Todd Maugh wrote: > > > > > Hello, > > > > > > Another day another i
Re: [Freeipa-users] adding ubuntu client to red hat server
OK I got it to go through with this but i don't understand the errors cause it didn't seem to work. Domain boingo.com is already configured in existing SSSD config, creating a new one. The old /etc/sssd/sssd.conf is backed up and will be restored during uninstall. Configured /etc/sssd/sssd.conf Configured /etc/krb5.conf for IPA realm BOINGO.COM trying https://se-idm-01.boingo.com/ipa/xml Forwarding 'env' to server u'https://se-idm-01.boingo.com/ipa/xml' Hostname (se-idm-ubuntu-client-01.boingo.com) not found in DNS Failed to update DNS records. certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list' Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' Could not update DNS SSHFP records. From: Will Sheldon [m...@willsheldon.com] Sent: Friday, February 21, 2014 9:46 AM To: Todd Maugh Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] adding ubuntu client to red hat server I also ran into this problem. I ended up using vm’s to test and just reverting to snapshots. I believe that the install script checks for presence a couple of files that you can delete to be able retry though, have a look in the install script. (Also, did you try with ‘—force'?) Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:42 AM, Todd Maugh wrote: thanks IM trying that but running in to an issue where it says im still installed I run the uninstall command and I get this root@se-idm-ubuntu-client-01:~# ipa-client-install --uninstall Unconfigured automount client failed: [Errno 2] No such file or directory certmonger failed to start: [Errno 2] No such file or directory: '/var/run/ipa/services.list' certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list' Disabling client Kerberos and LDAP configurations Failed to remove krb5/LDAP configuration: isnt there a conf file I can remove or a a way to force the uninstall? From: Will Sheldon [m...@willsheldon.com<mailto:m...@willsheldon.com>] Sent: Friday, February 21, 2014 9:32 AM To: Todd Maugh Cc: freeipa-users@redhat.com<mailto:freeipa-users@redhat.com> Subject: Re: [Freeipa-users] adding ubuntu client to red hat server I ran into this, there was a post bout it a little while back. It seems that you can modify ipapython/version.py to revert the version number for enrolment, then revert it. with no ill effects. My script looks like: #revert reported version of ipapython so keys will upload properly (backup first tho) cp /usr/share/pyshared/ipapython/version.py /usr/share/pyshared/ipapython/version.py.bak sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" /usr/share/pyshared/ipapython/version.py # install! ipa-client-install -d -U --enable-dns-updates --hostname=$FQDN --mkhomedir --password=$PASS #revert change to the ipapython version back again #rm -f /usr/share/pyshared/ipapython/version.py && mv /usr/share/pyshared/ipapython/version.py.bak /usr/share/pyshared/ipapython/version.py Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:20 AM, Todd Maugh wrote: Hello, Another day another issue it seems :) so I'm trying to set up an ubunutu client I get almost all the way through the install and it fails with a version error. Ive hear this is a known bug and there is a fix out there. although Im not sure how to apply the fix or get the older client install. my error is as follows: Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' host_mod: 2.58 client incompatible with 2.49 server at u'https://se-idm-01.boingo.com/ipa/xml' Failed to upload host SSH public keys. Please help Thanks -Todd tma...@boingo.com<mailto:tma...@boingo.com> ___ Freeipa-users mailing list Freeipa-users@redhat.com<mailto:Freeipa-users@redhat.com> https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] adding ubuntu client to red hat server
I also ran into this problem. I ended up using vm’s to test and just reverting to snapshots. I believe that the install script checks for presence a couple of files that you can delete to be able retry though, have a look in the install script. (Also, did you try with ‘—force'?) Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:42 AM, Todd Maugh wrote: > thanks IM trying that but running in to an issue where it says im still > installed I run the uninstall command and I get this > > root@se-idm-ubuntu-client-01:~# ipa-client-install --uninstall > Unconfigured automount client failed: [Errno 2] No such file or directory > certmonger failed to start: [Errno 2] No such file or directory: > '/var/run/ipa/services.list' > certmonger failed to stop: [Errno 2] No such file or directory: > '/var/run/ipa/services.list' > Disabling client Kerberos and LDAP configurations > Failed to remove krb5/LDAP configuration: > > isnt there a conf file I can remove or a a way to force the uninstall? > > > From: Will Sheldon [m...@willsheldon.com (mailto:m...@willsheldon.com)] > Sent: Friday, February 21, 2014 9:32 AM > To: Todd Maugh > Cc: freeipa-users@redhat.com (mailto:freeipa-users@redhat.com) > Subject: Re: [Freeipa-users] adding ubuntu client to red hat server > > > I ran into this, there was a post bout it a little while back. It seems that > you can modify ipapython/version.py to revert the version number for > enrolment, then revert it. with no ill effects. > > My script looks like: > > #revert reported version of ipapython so keys will upload properly (backup > first tho) > cp /usr/share/pyshared/ipapython/version.py > /usr/share/pyshared/ipapython/version.py.bak > sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" > /usr/share/pyshared/ipapython/version.py > > # install! > ipa-client-install -d -U --enable-dns-updates --hostname=$FQDN --mkhomedir > --password=$PASS > > #revert change to the ipapython version back again > #rm -f /usr/share/pyshared/ipapython/version.py && mv > /usr/share/pyshared/ipapython/version.py.bak > /usr/share/pyshared/ipapython/version.py > > > > > > Kind regards, > > Will Sheldon > +1.778-689-1244 > > > On Friday, February 21, 2014 at 9:20 AM, Todd Maugh wrote: > > > Hello, > > > > Another day another issue it seems :) > > > > so I'm trying to set up an ubunutu client I get almost all the way through > > the install and it fails with a version error. Ive hear this is a known bug > > and there is a fix out there. although Im not sure how to apply the fix or > > get the older client install. > > > > my error is as follows: > > > > Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub > > Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub > > Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub > > Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' > > host_mod: 2.58 client incompatible with 2.49 server at > > u'https://se-idm-01.boingo.com/ipa/xml' > > Failed to upload host SSH public keys. > > > > > > Please help > > > > Thanks > > > > -Todd > > tma...@boingo.com (mailto:tma...@boingo.com) > > ___ > > Freeipa-users mailing list > > Freeipa-users@redhat.com (mailto:Freeipa-users@redhat.com) > > https://www.redhat.com/mailman/listinfo/freeipa-users > > > > > > > > ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] adding ubuntu client to red hat server
thanks IM trying that but running in to an issue where it says im still installed I run the uninstall command and I get this root@se-idm-ubuntu-client-01:~# ipa-client-install --uninstall Unconfigured automount client failed: [Errno 2] No such file or directory certmonger failed to start: [Errno 2] No such file or directory: '/var/run/ipa/services.list' certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list' Disabling client Kerberos and LDAP configurations Failed to remove krb5/LDAP configuration: isnt there a conf file I can remove or a a way to force the uninstall? From: Will Sheldon [m...@willsheldon.com] Sent: Friday, February 21, 2014 9:32 AM To: Todd Maugh Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] adding ubuntu client to red hat server I ran into this, there was a post bout it a little while back. It seems that you can modify ipapython/version.py to revert the version number for enrolment, then revert it. with no ill effects. My script looks like: #revert reported version of ipapython so keys will upload properly (backup first tho) cp /usr/share/pyshared/ipapython/version.py /usr/share/pyshared/ipapython/version.py.bak sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" /usr/share/pyshared/ipapython/version.py # install! ipa-client-install -d -U --enable-dns-updates --hostname=$FQDN --mkhomedir --password=$PASS #revert change to the ipapython version back again #rm -f /usr/share/pyshared/ipapython/version.py && mv /usr/share/pyshared/ipapython/version.py.bak /usr/share/pyshared/ipapython/version.py Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:20 AM, Todd Maugh wrote: Hello, Another day another issue it seems :) so I'm trying to set up an ubunutu client I get almost all the way through the install and it fails with a version error. Ive hear this is a known bug and there is a fix out there. although Im not sure how to apply the fix or get the older client install. my error is as follows: Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' host_mod: 2.58 client incompatible with 2.49 server at u'https://se-idm-01.boingo.com/ipa/xml' Failed to upload host SSH public keys. Please help Thanks -Todd tma...@boingo.com<mailto:tma...@boingo.com> ___ Freeipa-users mailing list Freeipa-users@redhat.com<mailto:Freeipa-users@redhat.com> https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] adding ubuntu client to red hat server
I ran into this, there was a post bout it a little while back. It seems that you can modify ipapython/version.py to revert the version number for enrolment, then revert it. with no ill effects. My script looks like: #revert reported version of ipapython so keys will upload properly (backup first tho) cp /usr/share/pyshared/ipapython/version.py /usr/share/pyshared/ipapython/version.py.bak sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" /usr/share/pyshared/ipapython/version.py # install! ipa-client-install -d -U --enable-dns-updates --hostname=$FQDN --mkhomedir --password=$PASS #revert change to the ipapython version back again #rm -f /usr/share/pyshared/ipapython/version.py && mv /usr/share/pyshared/ipapython/version.py.bak /usr/share/pyshared/ipapython/version.py Kind regards, Will Sheldon +1.778-689-1244 On Friday, February 21, 2014 at 9:20 AM, Todd Maugh wrote: > Hello, > > Another day another issue it seems :) > > so I'm trying to set up an ubunutu client I get almost all the way through > the install and it fails with a version error. Ive hear this is a known bug > and there is a fix out there. although Im not sure how to apply the fix or > get the older client install. > > my error is as follows: > > Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub > Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub > Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub > Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' > host_mod: 2.58 client incompatible with 2.49 server at > u'https://se-idm-01.boingo.com/ipa/xml' > Failed to upload host SSH public keys. > > > Please help > > Thanks > > -Todd > tma...@boingo.com (mailto:tma...@boingo.com) > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com (mailto:Freeipa-users@redhat.com) > https://www.redhat.com/mailman/listinfo/freeipa-users > > ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] adding ubuntu client to red hat server
Hello, Another day another issue it seems :) so I'm trying to set up an ubunutu client I get almost all the way through the install and it fails with a version error. Ive hear this is a known bug and there is a fix out there. although Im not sure how to apply the fix or get the older client install. my error is as follows: Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Forwarding 'host_mod' to server u'https://se-idm-01.boingo.com/ipa/xml' host_mod: 2.58 client incompatible with 2.49 server at u'https://se-idm-01.boingo.com/ipa/xml' Failed to upload host SSH public keys. Please help Thanks -Todd tma...@boingo.com ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users