2015-01-20T15:02:18Z DEBUG /usr/sbin/ipa-client-install was invoked with options: {'domain': None, 'force': False, 'krb5_offline_passwords': True, 'primary': False, 'mkhomedir': False, 'create_sshfp': True, 'conf_sshd': True, 'on_master': False, 'conf_ntp': True, 'ca_cert_file': None, 'ntp_server': None, 'principal': None, 'hostname': None, 'no_ac': False, 'unattended': None, 'sssd': True, 'trust_sshfp': False, 'dns_updates': False, 'realm_name': None, 'conf_ssh': True, 'server': None, 'prompt_password': False, 'permit': False, 'debug': False, 'preserve_sssd': False, 'uninstall': False}
2015-01-20T15:02:18Z DEBUG missing options might be asked for interactively later
2015-01-20T15:02:18Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
2015-01-20T15:02:18Z DEBUG Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
2015-01-20T15:02:18Z DEBUG [IPA Discovery]
2015-01-20T15:02:18Z DEBUG Starting IPA discovery with domain=None, server=None, hostname=rhtest02.gridpp.rl.ac.uk
2015-01-20T15:02:18Z DEBUG Start searching for LDAP SRV record in "gridpp.rl.ac.uk" (domain of the hostname) and its sub-domains
2015-01-20T15:02:18Z DEBUG Search DNS for SRV record of _ldap._tcp.gridpp.rl.ac.uk.
2015-01-20T15:02:18Z DEBUG DNS record found: DNSResult::name:_ldap._tcp.gridpp.rl.ac.uk.,type:33,class:1,rdata={priority:0,port:389,weight:100,server:freeipa01.gridpp.rl.ac.uk.}
2015-01-20T15:02:18Z DEBUG [Kerberos realm search]
2015-01-20T15:02:18Z DEBUG Search DNS for TXT record of _kerberos.gridpp.rl.ac.uk.
2015-01-20T15:02:18Z DEBUG DNS record found: DNSResult::name:_kerberos.gridpp.rl.ac.uk.,type:16,class:1,rdata={data:gridpp.rl.ac.uk.}
2015-01-20T15:02:18Z DEBUG Search DNS for SRV record of _kerberos._udp.gridpp.rl.ac.uk.
2015-01-20T15:02:18Z DEBUG DNS record found: DNSResult::name:_kerberos._udp.gridpp.rl.ac.uk.,type:33,class:1,rdata={priority:0,port:88,weight:100,server:freeipa01.gridpp.rl.ac.uk.}
2015-01-20T15:02:18Z DEBUG [LDAP server check]
2015-01-20T15:02:18Z DEBUG Verifying that freeipa01.gridpp.rl.ac.uk (realm gridpp.rl.ac.uk.) is an IPA server
2015-01-20T15:02:18Z DEBUG Init LDAP connection with: ldap://freeipa01.gridpp.rl.ac.uk:389
2015-01-20T15:02:18Z DEBUG Search LDAP server for IPA base DN
2015-01-20T15:02:18Z DEBUG Check if naming context 'dc=gridpp,dc=rl,dc=ac,dc=uk' is for IPA
2015-01-20T15:02:18Z DEBUG Naming context 'dc=gridpp,dc=rl,dc=ac,dc=uk' is a valid IPA context
2015-01-20T15:02:18Z DEBUG Search for (objectClass=krbRealmContainer) in dc=gridpp,dc=rl,dc=ac,dc=uk (sub)
2015-01-20T15:02:18Z DEBUG Found: cn=GRIDPP.RL.AC.UK,cn=kerberos,dc=gridpp,dc=rl,dc=ac,dc=uk
2015-01-20T15:02:18Z DEBUG Discovery result: REALM_NOT_FOUND; server=freeipa01.gridpp.rl.ac.uk, domain=gridpp.rl.ac.uk, kdc=freeipa01.gridpp.rl.ac.uk, basedn=dc=gridpp,dc=rl,dc=ac,dc=uk
2015-01-20T15:02:18Z DEBUG will use discovered domain: gridpp.rl.ac.uk
2015-01-20T15:02:18Z DEBUG Start searching for LDAP SRV record in "gridpp.rl.ac.uk" (Validating DNS Discovery) and its sub-domains
2015-01-20T15:02:18Z DEBUG Search DNS for SRV record of _ldap._tcp.gridpp.rl.ac.uk.
2015-01-20T15:02:18Z DEBUG DNS record found: DNSResult::name:_ldap._tcp.gridpp.rl.ac.uk.,type:33,class:1,rdata={priority:0,port:389,weight:100,server:freeipa01.gridpp.rl.ac.uk.}
2015-01-20T15:02:18Z DEBUG DNS validated, enabling discovery
2015-01-20T15:02:18Z DEBUG will use discovered server: freeipa01.gridpp.rl.ac.uk
2015-01-20T15:02:18Z ERROR Failed to verify that freeipa01.gridpp.rl.ac.uk is an IPA Server.
2015-01-20T15:02:18Z ERROR This may mean that the remote server is not up or is not reachable due to network or firewall settings.
2015-01-20T15:02:18Z INFO Please make sure the following ports are opened in the firewall settings:
     TCP: 80, 88, 389
     UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
Also note that following ports are necessary for ipa-client working properly after enrollment:
     TCP: 464
     UDP: 464, 123 (if NTP enabled)
2015-01-20T15:02:18Z DEBUG (freeipa01.gridpp.rl.ac.uk: Discovered LDAP SRV records from gridpp.rl.ac.uk (domain of the hostname))
2015-01-20T15:02:18Z ERROR Installation failed. Rolling back changes.
2015-01-20T15:02:18Z ERROR IPA client is not configured on this system.