[Freeipa-users] unable to add service principle from F17
Rob Crittenden
rcritten at redhat.com
Mon Jun 25 18:53:42 UTC 2012
Dale Macartney wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi all
>
> I have a RHEL 6.2 ipa domain and I am running through one of my known
> working kickstarts for kerberised squid but instead of using RHEL i'm
> setting it up on Fedora 17.
>
> I get the following error on the fedora system which has
> freeipa-admintools installed
>
> [root at proxy02 ~]# klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: admin at EXAMPLE.COM
>
> Valid starting Expires Service principal
> 06/25/12 20:34:33 06/26/12 20:34:31 krbtgt/EXAMPLE.COM at EXAMPLE.COM
> [root at proxy02 ~]# ipa service-add HTTP/$(hostname)
> ipa: ERROR: did not receive Kerberos credentials
> [root at proxy02 ~]# ipa service-add HTTP/proxy02.example.com
> ipa: ERROR: did not receive Kerberos credentials
> [root at proxy02 ~]#
>
>
>
> Nothing appears in the logs apart from
>
> ==> /var/log/messages<==
> Jun 25 20:35:34 proxy02 pcscd[25567]: 35998884
> winscard.c:241:SCardConnect() Reader E-Gate 0 0 Not Found
> Jun 25 20:35:34 proxy02 pcscd[25567]: 00001428
> winscard.c:241:SCardConnect() Reader E-Gate 0 0 Not Found
> Jun 25 20:35:34 proxy02 pcscd[25567]: 00001013
> winscard.c:241:SCardConnect() Reader E-Gate 0 0 Not Found
> Jun 25 20:35:34 proxy02 pcscd[25567]: 00001230
> winscard.c:241:SCardConnect() Reader E-Gate 0 0 Not Found
>
>
> Any ideas?
>
> This doesn't block me from what I am trying to achieve as I can add the
> service principle from the IPA server. Just thought I might ask the
> question.
What version of client and server?
rob
More information about the Freeipa-users
mailing list