Oliver Burtchen wrote:
Hi,
using clean F12 installtion with all updates and ipa
1.91-0.2010041617git671bb9c.fc12 on server and client:
Currently I'm unable to join a client, debug of ipa-client-install attached.
Seems, there was a change in the protocol, and ipa-join gives to many
arguments..
Best regards,
Oli
[r...@testclient ~]# ipa-client-install -d
root: DEBUGLoading Index file from '/var/lib/ipa-
client/sysrestore/sysrestore.index'
root: DEBUG[ipadnssearchldap(example.com)]
root: DEBUG[ipadnssearchkrb]
root: DEBUG[ipacheckldap]
root: DEBUGInit ldap with: ldap://services.example.com:389
root: DEBUGSearch rootdse
root: DEBUGSearch for (info=*) in dc=example.com(base)
root: DEBUGFound: [('dc=example.com', {'objectClass': ['top',
'domain', 'pilotObject', 'nisDomainObject', 'domainRelatedObject'], 'info':
['IPA V2.0'], 'associatedDomain': ['example.com'], 'dc': ['example.com'],
'nisDomain': ['example.com']})]
root: DEBUGSearch for (objectClass=krbRealmContainer) in
dc=example.com(sub)
root: DEBUGFound: [('cn=EXAMPLE.COM,cn=kerberos,dc=example.com',
{'krbSubTrees': ['dc=example.com'], 'cn': ['EXAMPLE.COM'],
'krbDefaultEncSaltTypes': ['aes256-cts:normal', 'aes128-cts:normal', 'des3-
hmac-sha1:normal', 'arcfour-hmac:normal', 'des-hmac-sha1:normal', 'des-cbc-
md5:normal'], 'objectClass': ['top', 'krbrealmcontainer',
'krbticketpolicyaux'], 'krbSearchScope': ['2'], 'krbSupportedEncSaltTypes':
['aes256-cts:normal', 'aes128-cts:normal', 'des3-hmac-sha1:normal', 'arcfour-
hmac:normal', 'des-hmac-sha1:normal', 'des-cbc-md5:normal', 'des-cbc-
crc:normal', 'des-cbc-crc:v4', 'des-cbc-crc:afs3'], 'krbMaxTicketLife':
['86400'], 'krbMaxRenewableAge': ['604800']})]
Discovery was successful!
Realm: EXAMPLE.COM
DNS Domain: example.com
IPA Server: services.example.com
BaseDN: dc=example.com
Continue to configure the system with these values? [no]: y
Principal: admin
Password for ad...@example.com: root: INFO
args=/usr/kerberos/bin/kinit ad...@example.com
root: INFO stdout=Password for ad...@example.com:
root: INFO stderr=
root: INFO args=/usr/sbin/ipa-join -s services.example.com -d
root: INFO stdout=
root: INFO stderr=cannot open configuration file
/etc/ipa/default.conf
XML-RPC CALL:
\r\n
\r\n
join\r\n
\r\n
testclient.example.com\r\n
\r\n
nsosversion\r\n
2.6.32.11-99.fc12.i686.PAE\r\n
nshardwareplatform\r\n
i686\r\n
\r\n
\r\n
\r\n
XML-RPC RESPONSE:
\n
\n
\n
\n
\n
faultCode\n
3004\n
\n
\n
faultString\n
command 'join' takes at most 1 argument\n
\n
\n
\n
\n
RPC failed at server. command 'join' takes at most 1 argument
Joining realm failed: cannot open configuration file /etc/ipa/default.conf
XML-RPC CALL:
\r\n
\r\n
join\r\n
\r\n
testclient.example.com\r\n
\r\n
nsosversion\r\n
2.6.32.11-99.fc12.i686.PAE\r\n
nshardwareplatform\r\n
i686\r\n
\r\n
\r\n
\r\n
XML-RPC RESPONSE:
\n
\n
\n
\n
\n
faultCode\n
3004\n
\n
\n
faultString\n
command 'join' takes at most 1 argument\n
\n
\n
\n
\n
RPC failed at server. command 'join' takes at most 1 argument
root: INFO args=/usr/kerberos/bin/kdestroy
root: INFO stdout=
root: INFO stderr=
I have a fix for this awaiting peer review on freeipa-devel titled "Use
the certificate subject base in IPA when requesting certs in certmonger."
rob
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users