[Freeipa-users] Failure of ipa-client-install
Louis Coilliot
louis.coilliot at think.fr
Thu Jul 14 08:39:42 UTC 2011
Hello,
The server side (station8) is a freshly installed ipa server on Fedora
15 with freeipa-server-2.0.1-2.fc15.x86_64
The client side (station7) is a RHEL 6.1 with ipa-client-2.0.0-23.el6.x86_64
Or another Fedora15 OS (same behaviour)
The symptom is :
# ipa-client-install --server station8.example.com --domain example.com -d
(...)
Discovery was successful!
(...)
Hostname: station7.example.com
Realm: EXAMPLE.COM
DNS Domain: example.com
IPA Server: station8.example.com
BaseDN: dc=example,dc=com
Continue to configure the system with these values? [no]: yes
Enrollment principal: admin
(...)
Password for admin at EXAMPLE.COM:
root : DEBUG args=kinit admin at EXAMPLE.COM
root : DEBUG stdout=
root : DEBUG stderr=kinit: Cannot contact any KDC for realm
'EXAMPLE.COM' while getting initial credentials
root : DEBUG args=kdestroy
root : DEBUG stdout=
root : DEBUG stderr=kdestroy: No credentials cache found
while destroying cache
kinit: Cannot contact any KDC for realm 'EXAMPLE.COM' while getting
initial credentials
I check krb5.conf, and I find :
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com
admin_server = kerberos.example.com
}
If I change it manually to :
[realms]
EXAMPLE.COM = {
kdc = station8.example.com
admin_server = station8.example.com
}
then the kinit is fine manually :
# kinit admin
Password for admin at EXAMPLE.COM:
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin at EXAMPLE.COM
Valid starting Expires Service principal
07/13/11 13:59:09 07/14/11 13:59:05 krbtgt/EXAMPLE.COM at EXAMPLE.COM
renew until 07/20/11 13:59:05
But ipa-client-install still fails at this point
Any idea ? Thanks in advance.
Louis Coilliot
More information about the Freeipa-users
mailing list