[Freeipa-users] Problem installing client on server

Fri Nov 4 13:33:40 UTC 2011

Hi,

We are (again) evaluationg FreeIPA 2.x and I run into troubles installing client on ipa server. It happend before on other server, but I thought it might be due to the fact, that FreeIPA was installed and uninstalled there for several times. This time it's a fresh install.
[root at ipa20-test ~]# rpm -qa |grep freeipa
freeipa-client-2.1.3-2.fc15.x86_64
freeipa-admintools-2.1.3-2.fc15.x86_64
freeipa-server-selinux-2.1.3-2.fc15.x86_64
freeipa-python-2.1.3-2.fc15.x86_64
freeipa-server-2.1.3-2.fc15.x86_64

Last lines form output:
done configuring dirsrv.
Restarting the directory server
Restarting the KDC
Restarting the web server
Sample zone file for bind has been created in /tmp/sample.zone.iQ1QBH.db
Configuration of client side components failed!
ipa-client-install returned: Command '/usr/sbin/ipa-client-install --on-master --unattended --domain dc2 --server ipa20-test.dc2 --realm GATECH --hostname ipa20-test.dc2' returned non-zero exit status 1

Launching it agian:
[root at ipa20-test ~]# /usr/sbin/ipa-client-install --on-master --unattended --domain dc2 --server ipa20-test.dc2 --realm GATECH --hostname ipa20-test.dc2
Failed to verify that ipa20-test.dc2 is an IPA Server.
This may mean that the remote server is not up or is not reachable
due to network or firewall settings.
Installation failed. Rolling back changes.
IPA client is not configured on this system.

ipaclient-install..og:
2011-11-04 14:11:18,799 DEBUG Init ldap with: ldap://ipa20-test.dc2:389
2011-11-04 14:11:18,812 DEBUG Search LDAP server for IPA base DN
2011-11-04 14:11:18,814 DEBUG Check if naming context 'dc=gatech' is for IPA
2011-11-04 14:11:18,815 DEBUG Naming context 'dc=gatech' is a valid IPA context
2011-11-04 14:11:18,815 DEBUG Search for (objectClass=krbRealmContainer) in dc=gatech(sub)
2011-11-04 14:11:18,816 DEBUG Found: [('cn=GATECH,cn=kerberos,dc=gatech', {'krbSubTrees': ['dc=gatech'], 'cn': ['GATECH'], 'krbDefaultEncSaltTypes': ['aes256-cts:special', 'aes128-cts:special', 'des3-hmac-sha1:special', 'arcfour-hmac:special'], 'objectClass': ['top', 'krbrealmcontainer', 'krbticketpolicyaux'], 'krbSearchScope': ['2'], 'krbSupportedEncSaltTypes': ['aes256-cts:normal', 'aes256-cts:special', 'aes128-cts:normal', 'aes128-cts:special', 'des3-hmac-sha1:normal', 'des3-hmac-sha1:special', 'arcfour-hmac:normal', 'arcfour-hmac:special', 'des-hmac-sha1:normal', 'des-cbc-md5:normal', 'des-cbc-crc:normal', 'des-cbc-crc:v4', 'des-cbc-crc:afs3'], 'krbMaxTicketLife': ['86400'], 'krbMaxRenewableAge': ['604800']})]
2011-11-04 14:11:18,817 DEBUG will use domain: dc2

2011-11-04 14:11:18,817 DEBUG will use server: ipa20-test.dc2

Anyone have a clue what might be the reason?

Regards,	
-- 
Tomasz Z. Napierała
Systems Architecture Engineer,
IT Infrastructure Department
Allegro Team
http://www.allegro.pl/

Grupa Allegro Sp. z o.o. z siedzibą w Poznaniu, 60-324 Poznań, przy ul. Marcelińskiej 90, wpisana do rejestru przedsiębiorców prowadzonego przez Sąd Rejonowy Poznań - Nowe Miasto i Wilda, Wydział VIII Gospodarczy Krajowego Rejestru Sądowego pod numerem KRS 0000268796, o kapitale zakładowym w wysokości 33 474 500 zł, posiadająca numer identyfikacji podatkowej NIP: 5272525995.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2678 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111104/8635f109/attachment.p7s>