[Freeipa-users] ipa-client-install errors via kickstart

[Charlie Derwent]

On Wed, Jun 22, 2011 at 10:49 PM, Rob Crittenden <rcritten at redhat.com>wrote:

> Charlie Derwent wrote:
>
>> Hi
>>
>> I'm running FreeIPA server on F14 and connecting to a F14 client. When I
>> run ipa-client-install (via kickstart or after the client has installed)
>> I'm getting the following error message.
>>
>> root        : DEBUG
>> root        : ERROR    LDAP Error: Connect error: Start TLS request
>> accepted. Server willing to negotiate SSL
>> Failed to verify that ipa.test.net <http://ipa.test.net> is an IPA server
>>
>> This may mean that the remote server is not up or is not reachable due
>> to network or firewall settings
>>
>
> What version of IPA are you running on the client and server?
>

Server is running 2.0.0.rc3-0
F14 Client is running  2.0.0.rc3-0
RHEL 5.6 Clients are running 2.0-10.el5_6.1
All the boxes are 64-bit



Can you check the 389-ds access log to see if you can see the connection and
> any errors reported with it?
>
>  Nothing in the access.log on the server.


>
>>
>> The ipa server is definately up and running, it's still authenticating
>> other servers in the network and when I rebuild the client with rhel or
>> centos it can enroll (almost) without issue (see below).
>>
>> The second issue was this certmonger related bug where certmonger fails
>> to start on new install
>> (https://bugzilla.redhat.com/**show_bug.cgi?id=636894<https://bugzilla.redhat.com/show_bug.cgi?id=636894>)
>> was it resolved in
>> Red Hat 5 as I think i'm expering the issue with my RH5u6 clients?
>>
>
> Looks like it wasn't fixed in RHEL 5.x. IIRC the simple fix is to restart
> messagebus after installing certmonger. Should be easy to do in a kickstart.
>

yeah got the "killall -HUP dbus-daemon" in there now.

Cheers
Charlie

>
> rob
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110623/239eda6d/attachment.htm>