[Freeipa-users] version mismatch while joining a client ?
Robert M. Albrecht
fedora at romal.de
Tue Jul 26 13:39:04 UTC 2011
Hi,
I tried to join my first client (another fully patched F15, like the
ipa-server).
Joining realm failed because of failing XML-RPC request.
This error may be caused by incompatible server/client major versions.
[root at chessur ~]# ipa-client-install --debug --enable-dns-updates
root : DEBUG /usr/sbin/ipa-client-install was invoked with
options: {'conf_ntp': True, 'domain': None, 'uninstall': False, 'force':
False, 'sssd': True, 'hostname': None, 'permit': False, 'server': None,
'prompt_password': False, 'realm_name': None, 'dns_updates': True,
'debug': True, 'on_master': False, 'ntp_server': None, 'mkhomedir':
False, 'unattended': None, 'principal': None}
root : DEBUG missing options might be asked for interactively
later
root : DEBUG Loading Index file from
'/var/lib/ipa-client/sysrestore/sysrestore.index'
^C^C^C^C^C^C^C^C^C[root at chessur ~]# ipa-client-install --debug
--enable-dns-updates
root : DEBUG /usr/sbin/ipa-client-install was invoked with
options: {'conf_ntp': True, 'domain': None, 'uninstall': False, 'force':
False, 'sssd': True, 'hostname': None, 'permit': False, 'server': None,
'prompt_password': False, 'realm_name': None, 'dns_updates': True,
'debug': True, 'on_master': False, 'ntp_server': None, 'mkhomedir':
False, 'unattended': None, 'principal': None}
root : DEBUG missing options might be asked for interactively
later
root : DEBUG Loading Index file from
'/var/lib/ipa-client/sysrestore/sysrestore.index'
root : DEBUG [ipadnssearchldap(vorlon.lan)]
root : DEBUG [ipadnssearchkrb]
root : DEBUG [ipacheckldap]
root : DEBUG args=/usr/bin/wget -O /tmp/tmpLob8Sc/ca.crt
http://zerberus.vorlon.lan/ipa/config/ca.crt
root : DEBUG stdout=
root : DEBUG stderr=--2011-07-26 15:34:18--
http://zerberus.vorlon.lan/ipa/config/ca.crt
Auflösen des Hostnamen »zerberus.vorlon.lan«.... 192.168.0.230
Verbindungsaufbau zu zerberus.vorlon.lan|192.168.0.230|:80... verbunden.
HTTP Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 767 [application/x-x509-ca-cert]
In »»/tmp/tmpLob8Sc/ca.crt«« speichern.
0K 100% 96,8M=0s
2011-07-26 15:34:18 (96,8 MB/s) - »»/tmp/tmpLob8Sc/ca.crt«« gespeichert
[767/767]
root : DEBUG Init ldap with: ldap://zerberus.vorlon.lan:389
root : DEBUG Search rootdse
root : DEBUG Search for (info=*) in dc=vorlon,dc=lan(base)
root : DEBUG Found: [('dc=vorlon,dc=lan', {'objectClass':
['top', 'domain', 'pilotObject', 'nisDomainObject',
'domainRelatedObject'], 'info': ['IPA V2.0'], 'associatedDomain':
['vorlon.lan'], 'dc': ['vorlon'], 'nisDomain': ['vorlon.lan']})]
root : DEBUG Search for (objectClass=krbRealmContainer) in
dc=vorlon,dc=lan(sub)
root : DEBUG Found:
[('cn=VORLON.LAN,cn=kerberos,dc=vorlon,dc=lan', {'krbSubTrees':
['dc=vorlon,dc=lan'], 'cn': ['VORLON.LAN'], 'krbDefaultEncSaltTypes':
['aes256-cts:special', 'aes128-cts:special', 'des3-hmac-sha1:special',
'arcfour-hmac:special'], 'objectClass': ['top', 'krbrealmcontainer',
'krbticketpolicyaux'], 'krbSearchScope': ['2'],
'krbSupportedEncSaltTypes': ['aes256-cts:normal', 'aes256-cts:special',
'aes128-cts:normal', 'aes128-cts:special', 'des3-hmac-sha1:normal',
'des3-hmac-sha1:special', 'arcfour-hmac:normal', 'arcfour-hmac:special',
'des-hmac-sha1:normal', 'des-cbc-md5:normal', 'des-cbc-crc:normal',
'des-cbc-crc:v4', 'des-cbc-crc:afs3'], 'krbMaxTicketLife': ['86400'],
'krbMaxRenewableAge': ['604800']})]
root : DEBUG will use domain: vorlon.lan
root : DEBUG will use server: zerberus.vorlon.lan
Discovery was successful!
root : DEBUG will use cli_realm: VORLON.LAN
root : DEBUG will use cli_basedn: dc=vorlon,dc=lan
Hostname: chessur.vorlon.lan
Realm: VORLON.LAN
DNS Domain: vorlon.lan
IPA Server: zerberus.vorlon.lan
BaseDN: dc=vorlon,dc=lan
Continue to configure the system with these values? [no]: yes
Enrollment principal: admin
root : DEBUG will use principal: admin
root : DEBUG args=/usr/bin/wget -O /etc/ipa/ca.crt
http://zerberus.vorlon.lan/ipa/config/ca.crt
root : DEBUG stdout=
root : DEBUG stderr=--2011-07-26 15:34:28--
http://zerberus.vorlon.lan/ipa/config/ca.crt
Auflösen des Hostnamen »zerberus.vorlon.lan«.... 192.168.0.230
Verbindungsaufbau zu zerberus.vorlon.lan|192.168.0.230|:80... verbunden.
HTTP Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 767 [application/x-x509-ca-cert]
In »»/etc/ipa/ca.crt«« speichern.
0K 100% 64,6M=0s
2011-07-26 15:34:28 (64,6 MB/s) - »»/etc/ipa/ca.crt«« gespeichert [767/767]
root : DEBUG Writing Kerberos configuration to /tmp/tmphXdPGl:
#File modified by ipa-client-install
[libdefaults]
default_realm = VORLON.LAN
dns_lookup_realm = true
dns_lookup_kdc = true
rdns = false
ticket_lifetime = 24h
forwardable = yes
[realms]
VORLON.LAN = {
pkinit_anchors = FILE:/etc/ipa/ca.crt
}
[domain_realm]
.vorlon.lan = VORLON.LAN
vorlon.lan = VORLON.LAN
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
Password for admin at VORLON.LAN:
root : DEBUG args=kinit admin at VORLON.LAN
root : DEBUG stdout=Password for admin at VORLON.LAN:
root : DEBUG stderr=
root : DEBUG args=/usr/sbin/ipa-join -s zerberus.vorlon.lan -d
root : DEBUG stdout=
root : DEBUG stderr=XML-RPC CALL:
<?xml version="1.0" encoding="UTF-8"?>\r\n
<methodCall>\r\n
<methodName>join</methodName>\r\n
<params>\r\n
<param><value><array><data>\r\n
<value><string>chessur.vorlon.lan</string></value>\r\n
</data></array></value></param>\r\n
<param><value><struct>\r\n
<member><name>nsosversion</name>\r\n
<value><string>2.6.38.8-35.fc15.x86_64</string></value></member>\r\n
<member><name>nshardwareplatform</name>\r\n
<value><string>x86_64</string></value></member>\r\n
</struct></value></param>\r\n
</params>\r\n
</methodCall>\r\n
HTTP response code is 500, not 200
Joining realm failed because of failing XML-RPC request.
This error may be caused by incompatible server/client major versions.
root : DEBUG args=kdestroy
root : DEBUG stdout=
root : DEBUG stderr=
[root at chessur ~]#
cu romal
More information about the Freeipa-users
mailing list