[Freeipa-devel] installation issues
Rob Crittenden
rcritten at redhat.com
Thu May 15 13:25:58 UTC 2008
Mark Christiansen wrote:
> Hello everyone,
>
> I joined the developer list to attempt to work out basic issues with
> installation both in a Virtual Machine running FC7 (VMware) and on
> RHEL5.1. I am unable to install on either platform. Please help me
> work it out, as I would love to help make freeipa a better tool.
>
> First of all, on the RHEL5.1 machine, issuing a "yum install
> --enablerepo=updates-testing ipa-server" doesn't work. What now? Could
> this be added to the installation or troubleshooting page somehow? (Is
> this something I can help maintain?)
RHEL 5.1 is missing a slew of packages that one would need to get IPA
working. and some of the packages it ships aren't current enough including:
Requires:
TurboGears (and about 20 dependencies)
a newer krb5 server
krb5-server-ldap built
python-kerberos
a newer mod_nss
python-tgexpandingformwidget
and maybe python-krbV
freeIPA has focused development on Fedora systems for now because that
is what Simo and I develop on (I'm still on F-7).
> Secondly, on the FC7 VM, whenever I issue a ldap* command, I get an
> error from ldap_sasl_interactive_bind_s. I am a noob, but the web page
> suggests I should update fedora-ds. I thought doing the yum install
> command should take care of installing that package. If I do a yum
> list, I can clearly see I have a sufficient level of fedora-ds. If I
> continue to modify the installation for a VM as the instructions state,
> I eventually lose the ability to communicate to freeipa through the html
> page. So really, there are two issues here.
I'm assuing you've already set up your IPA server using
ipa-server-install. Do the ipa-* commands work? e.g. ipa-finduser admin?
To do an authenticated ldap* command you'll want to do something like:
ldapsearch -Y GSSAPI -b "dc=freeipa,dc=org" uid=admin
This of course assumes you have a kerberos ticket.
Otherwise, to do simple auth instead of SASL, use the -x option instead
of -Y:
ldapsearch -x -b "dc=freeipa,dc=org" uid=admin
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080515/6676e793/attachment.bin>
More information about the Freeipa-devel
mailing list