Re: [Freeipa-users] ipa host-add and service add command to add solaris 10
Ben .T.George wrote:
HI
thanks for the replay.
i was trying for keytab and getting below error.
[root@kwtpocpbis01 ~]# ipa-getkeytab -s kwtpocpbis01.solipa.local -p
host/kwttestsolaris10.solipa.local -k /tmp/krb5.keytab -e des-cbc-crc
Operation failed! All enctypes provided are unsupported
my krb5.conf looks like below:
[libdefaults]
default_realm = SOLIPA.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
rdns = false
ticket_lifetime = 24h
forwardable = yes
default_ccache_name = KEYRING:persistent:%{uid}
allow_weak_crypto = true
what will be issue with my command?
You haven't configured enough. Follow Alexander's instructions here:
https://www.redhat.com/archives/freeipa-users/2014-November/msg00246.html
You'll also need to restart the krb5kdc service.
rob
Regards,
Ben
On Tue, Jan 6, 2015 at 11:35 PM, Rob Crittenden rcrit...@redhat.com
mailto:rcrit...@redhat.com wrote:
Ben .T.George wrote:
HI
i was trying to ass solaris 10 client from command line. Host add
comand
went successfully and service add for /host is giving error.
please check below output and help me to solve this
[root@kwtpocpbis01 ~]# ipa host-add --force
--ip-address=172.16.107.107
kwttestsolaris10.solipa.local
--
Added host kwttestsolaris10.solipa.local
--
Host name: kwttestsolaris10.solipa.local
Principal name: host/kwttestsolaris10.solipa.local@SOLIPA.LOCAL
Password: False
Keytab: False
Managed by: kwttestsolaris10.solipa.local
[root@kwtpocpbis01 ~]# ipa service-add
host/kwttestsolaris10.solipa.local
ipa: ERROR: You must enroll a host in order to create a host service
what this means ipa: ERROR: You must enroll a host in order to
create a
host service . I can see the host from IPA web front end. that means
host is added noe.? or this is pointing to another service
The host service is implicit and lives within the host. You don't need
to (nor can you) add it.
If you want to get a keytab for it just use ipa-getkeytab to fetch it.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] ipa host-add and service add command to add solaris 10
Ben .T.George wrote: HI i was trying to ass solaris 10 client from command line. Host add comand went successfully and service add for /host is giving error. please check below output and help me to solve this [root@kwtpocpbis01 ~]# ipa host-add --force --ip-address=172.16.107.107 kwttestsolaris10.solipa.local -- Added host kwttestsolaris10.solipa.local -- Host name: kwttestsolaris10.solipa.local Principal name: host/kwttestsolaris10.solipa.local@SOLIPA.LOCAL Password: False Keytab: False Managed by: kwttestsolaris10.solipa.local [root@kwtpocpbis01 ~]# ipa service-add host/kwttestsolaris10.solipa.local ipa: ERROR: You must enroll a host in order to create a host service what this means ipa: ERROR: You must enroll a host in order to create a host service . I can see the host from IPA web front end. that means host is added noe.? or this is pointing to another service The host service is implicit and lives within the host. You don't need to (nor can you) add it. If you want to get a keytab for it just use ipa-getkeytab to fetch it. rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] ipa host-add and service add command to add solaris 10
HI
thanks for the replay.
i was trying for keytab and getting below error.
[root@kwtpocpbis01 ~]# ipa-getkeytab -s kwtpocpbis01.solipa.local -p
host/kwttestsolaris10.solipa.local -k /tmp/krb5.keytab -e des-cbc-crc
Operation failed! All enctypes provided are unsupported
my krb5.conf looks like below:
[libdefaults]
default_realm = SOLIPA.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
rdns = false
ticket_lifetime = 24h
forwardable = yes
default_ccache_name = KEYRING:persistent:%{uid}
allow_weak_crypto = true
what will be issue with my command?
Regards,
Ben
On Tue, Jan 6, 2015 at 11:35 PM, Rob Crittenden rcrit...@redhat.com wrote:
Ben .T.George wrote:
HI
i was trying to ass solaris 10 client from command line. Host add comand
went successfully and service add for /host is giving error.
please check below output and help me to solve this
[root@kwtpocpbis01 ~]# ipa host-add --force --ip-address=172.16.107.107
kwttestsolaris10.solipa.local
--
Added host kwttestsolaris10.solipa.local
--
Host name: kwttestsolaris10.solipa.local
Principal name: host/kwttestsolaris10.solipa.local@SOLIPA.LOCAL
Password: False
Keytab: False
Managed by: kwttestsolaris10.solipa.local
[root@kwtpocpbis01 ~]# ipa service-add
host/kwttestsolaris10.solipa.local
ipa: ERROR: You must enroll a host in order to create a host service
what this means ipa: ERROR: You must enroll a host in order to create a
host service . I can see the host from IPA web front end. that means
host is added noe.? or this is pointing to another service
The host service is implicit and lives within the host. You don't need
to (nor can you) add it.
If you want to get a keytab for it just use ipa-getkeytab to fetch it.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
