[Freeipa-users] client setup failure
Steven Jones
Steven.Jones at vuw.ac.nz
Tue Mar 29 19:29:25 UTC 2011
Hi,
I cant use --server or --domain the install script ignores those........it insists on going to AD for its info....
regards
________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Rob Crittenden [rcritten at redhat.com]
Sent: Wednesday, 30 March 2011 2:41 a.m.
To: Martin Kosek
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] client setup failure
Martin Kosek wrote:
> On Tue, 2011-03-29 at 12:49 +0200, tomasz.napierala at allegro.pl wrote:
>> On 2011-03-29, at 10:20, Martin Kosek wrote:
>>
>>> On Tue, 2011-03-29 at 00:08 +0000, Steven Jones wrote:
>>>
>>> What is a content of _ldap._tcp.ipa.ac.nz DNS SRV record? IPA client
>>> installation uses this DNS record in an autodiscovery of IPA server in
>>> the given DNS domain.
>>
>> In AD managed zone that would be domain controller itself.
>>
>> pz
>
> You are right. In that case the autodiscovery have to be skipped and
> --server/--domain parameters need to be added to the client installation
> script manually.
>
> Martin
Yes, please try with --server as a workaround.
This is a rather tricky one. We fetch the IPA CA so we can make a TLS
connection and gather some data for autodiscovery. I guess we need to
make the failure to retrieve the CA non-fatal, I'm just not sure what
other implications that will have. I thought we passed along the
provided server to to autodiscovery so this wouldn't happen.
I've opened https://fedorahosted.org/freeipa/ticket/1135 to track this.
thanks
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list