[Freeipa-users] Preauth pkinit failed to initialize
Jimmy
g17jimmy at gmail.com
Mon Oct 17 14:22:14 UTC 2011
It seems that the dirsrv doesn't start and once named fails to start the
startup of ipa halts and shuts everything down. I rolled back to a previous
snapshot of the VM and it's working. I kept the broken instance and will
debug further later this week. I'll post more to the list when I get back to
it. - Jimmy
On Mon, Oct 17, 2011 at 10:18 AM, Simo Sorce <simo at redhat.com> wrote:
> On Mon, 2011-10-17 at 09:18 -0400, Jimmy Caldwell wrote:
> > Freeipa will not start, suddenly. To my knowledge nothing changed
> > since the time I knew it to start and now I'm getting these errors:
> >
> > In the krb5kdc log-
> > (error): Preauth pkinit failed to initialize: no realms configured
> > correctly for pkinit support
>
> This shouldn't be fatal and should probably be ignored.
>
> > In /var/log/messages-
> > [named] failed to init credentials (client 'DNS/realm' not found in
> > Kerberos database)
>
> This means the KDC probably can't contact the LDAP server (unless
> someone removed the DNS service entry).
>
> Can you check your directory server is up and has it's ports open ?
>
> We had an upgrade issue some times back where a rpm upgrade would fail
> to properly update dse.lidf and would cause DS to not open ports for
> other apps.
> You may want to check if that's the case.
>
> Simo.
>
> --
> Simo Sorce * Red Hat, Inc * New York
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111017/1484f7f0/attachment.htm>
More information about the Freeipa-users
mailing list