[Freeipa-users] Failed to obtain host TGT bug
Petr Spacek
pspacek at redhat.com
Fri Feb 1 15:03:48 UTC 2013
On 1.2.2013 15:42, William Muriithi wrote:
>
> Hello pal,
>
> I have a centos 6.3 that fails to enroll to the IPA server however much
> I try. I believe its because of the bug below. I have updated the IPA
> client but it seem it is only fixed on ipa-3.0 which ships on RHEL 6.4
How many replicas do you have? Could you share /var/log/ipa-client-install.log ?
> Is there a way of enrolling the client manually without necessary
> updating the system to Centos 6.4 (Which I don't know is it exist
> actually)?
You can try dirty hack: On client create iptables rule in OUTPUT chain which
rejects all traffic to all IPA servers except one. Installer should
theoretically fail over to the only accessible server.
I would recommend "-j REJECT". DROP would create huge intervals of waiting for
packets which will never arrive.
> https://bugzilla.redhat.com/show_bug.cgi?id=845691
>
> This is the most current IPA client on 6.3
>
> ipa-client-2.2.0-17.el6_3.1.x86_64.rpm
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list