[Freeipa-users] hosts/clients joining IPA but dns updating not working
Martin Kosek
mkosek at redhat.com
Tue Mar 27 09:04:27 UTC 2012
On Tue, 2012-03-27 at 01:15 +0000, Steven Jones wrote:
> Hi,
>
> I just started adding hosts/clients but DNS isnt being updated for the client(s).
>
> Screenshot of error is attached....
>
Hello Steven,
there is something wrong with your host keytab. As written in the
output, ipa-client-install could not get a TGT for
host/vuwunicorh6ws04 at ODS.VUW.AC.NZ and thus nsupdate which performs the
DNS update failed.
Can you please attach a relevant portion of ipaclient-install.log so
that we can get more information about why it failed?
Alternatively, you can list credentials in the keytab with this command
yourself:
# klist -kt /etc/krb5.keytab
To test obtaining the TGT from the host keytab and thus reproducing this
issue, you can run this command:
# kinit -k -t /etc/krb5.keytab host/vuwunicorh6ws04 at ODS.VUW.AC.NZ
The command output itself, or KRB5KDC logs in IPA server should provide
a hint why the kinit fails.
Martin
More information about the Freeipa-users
mailing list