[Freeipa-users] Unable to enrol servers with principal
Rob Crittenden
rcritten at redhat.com
Sun Feb 10 01:48:37 UTC 2013
Charlie Derwent wrote:
> Hi
> Whenever I attempt an unattended installation with a principal and
> password. The installation fails.
> I'm using the following syntax for my command
> ipa-client-install --domain=example.com <http://example.com>
> --server=ipa.example.com <http://ipa.example.com> --realm=EXAMPLE.COM
> <http://EXAMPLE.COM> --principal=user --password=pass -U
> --ntp-server=123.123.123.123 --mkhomedir --hostname=server1.example.com
> <http://server1.example.com>
> The error I get varies between (in order of frequency)
> Joining realm failed: /usr/sbin/ipa-join: symbol lookup error:
> /usr/sbin/ipa-join: undefined symbol: xmlrpc_server_info_set_user
> and
This is the sort of thing that if you saw once, you should see every
time. What version of xmlrpc-c-client is installed?
> kinit(v5): Password incorrect while getting initial credentials
> and
> Password expired. you must change it now.
> kinit(v5): Cannot read password while getting initial credentials
> The password is 100% right as I can kinit on other servers and access
> the webgui with the same details.
> OTP's work flawlessly.
The KDC log might have more information.
> ipa-client = tried with 2.1.3-1.el5 and 2.1.3-5.el5_9.2 (RHEL 5.8)
> ipa-server = 2.2.0-16.el6 (RHEL 6.3)
rob
More information about the Freeipa-users
mailing list