[Freeipa-devel] Adding client on RHEL 6 fails to get DNS entry

Simo Sorce ssorce at redhat.com
Fri Feb 25 05:47:03 UTC 2011


On Thu, 24 Feb 2011 20:55:32 -0500
Adam Young <ayoung at redhat.com> wrote:

> I updated the resolv.conf of the client machine to point to the
> server and ran:
> 
> 
> [root at vm-060 ~]# ipa-client-install --domain  idm.lab.bos.redhat.com
> -p admin -w freeipa4all
> Discovery was successful!
> Realm: IDM.LAB.BOS.REDHAT.COM
> DNS Domain: idm.lab.bos.redhat.com
> IPA Server: vm-051.idm.lab.bos.redhat.com
> BaseDN: dc=idm,dc=lab,dc=bos,dc=redhat,dc=com
> 
> 
> Continue to configure the system with these values? [no]: yes
> 
> Enrolled in IPA realm IDM.LAB.BOS.REDHAT.COM
> Created /etc/ipa/default.conf
> Configured /etc/sssd/sssd.conf
> Configured /etc/krb5.conf for IPA realm IDM.LAB.BOS.REDHAT.COM
> certmonger request for host certificate failed
> Warning: Hostname (vm-060.idm.lab.bos.redhat.com) not found in DNS
> Failed to obtain host TGT.
> Failed to update DNS A record. (Command 'x' returned non-zero exit
> status 1)
> SSSD enabled
> Kerberos 5 enabled
> NTP enabled
> Client configuration complete.
> 
> 
> Is this a sign of a cert server issue?  This is the first time
> running with dogtag.

We use TSIG-GSSAPI for DNS Updates, no certs involved.

> Here's the last couple of lines from the ipa-server-log/  They look
> fine to me.
> 
> [Thu Feb 24 20:41:06 2011] [error] ipa: INFO: 
> admin at IDM.LAB.BOS.REDHAT.COM: host_find(u'', all=True): SUCCESS
> [Thu Feb 24 20:41:14 2011] [error] ipa: INFO: 
> admin at IDM.LAB.BOS.REDHAT.COM: batch(({u'params': 
> [[u'vm-060.idm.lab.bos.redhat.com'], {}], u'method': u'host_del'},)): 
> SUCCESS
> [Thu Feb 24 20:41:15 2011] [error] ipa: INFO: 
> admin at IDM.LAB.BOS.REDHAT.COM: host_find(u'', all=True): SUCCESS
> [Thu Feb 24 20:46:04 2011] [error] ipa: INFO: 
> admin at IDM.LAB.BOS.REDHAT.COM: join(u'vm-060.idm.lab.bos.redhat.com', 
> nshardwareplatform=u'x86_64',
> nsosversion=u'2.6.32-114.0.1.el6.x86_64'): SUCCESS

Can you send the ipaclient-install.log file?

> This machine had client installed before, but I've since uninstalled
> and reinstalled both the server and client, and rebooted the client
> as well.

Should make no difference at all, it seems nsupdate is failing.
Do you have bind-utils installed?

> There is no file /etc/ipa/.dns_update.txt

And there shouldn't, it is a temp file we delete as soon as we are done.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York