[Freeipa-users] kinit working, but ipa-client-install not (client not found)
Martin Kosek
mkosek at redhat.com
Fri Jun 24 12:37:08 UTC 2011
On Fri, 2011-06-24 at 10:28 +0200, Pieter Baele wrote:
> On Thu, Jun 23, 2011 at 19:59, Rob Crittenden <rcritten at redhat.com> wrote:
> > Pieter Baele wrote:
> >>
> >> My new freeipa installation is working (server + kinit on a host where
> >> I configured krb5.conf manually)
> >> but ipa-client-install gives the typical Kerberos error:
> >>
> >> kinit: Client not found in Kerberos database while getting initial
> >> credentials
> >>
> >> Both hosts are resolvable
> >
> > I'd suggest looking at /var/log/krb5kdc.log on the server after trying a
> > kinit. This should tell you the name it is trying to resolve.
> >
> > rob
> >
>
> About this issue, nothing is logged in /var/log/krb5kdc.log.....
>
> I used this command now:
> ipa-client-install --server ipa1.example.org --domain example.org -p
> pieterb -W -d
>
> User 'pieterb' exists and has admin privileges
>
>
> Password for pieterb at EXAMPLE.ORG
> root : DEBUG args=kinit pieterb at EXAMPLE.ORG
> root : DEBUG stdout=
> root : DEBUG stderr=kinit: Client not found in Kerberos
> database while getting initial credentials
>
>
> root : DEBUG args=kdestroy
> root : DEBUG stdout=
> root : DEBUG stderr=kdestroy: No credentials cache found
> while destroying cache
>
> kinit: Client not found in Kerberos database while getting initial credentials
>
Is pieterb a user you added in your IPA server or its just in your local
master machine local files (/etc/passwd)? I.e. can you run `ipa
user-show pieterb`?
What if you run ipa-client-install with "-p admin" instead of "-p
pieterb" - does it work?
Martin
More information about the Freeipa-users
mailing list