[Freeipa-users] ipa-client-install "Cannot resolve network address for KDC" problem
Vitaly
linux at karasik.org
Wed Jun 26 07:06:57 UTC 2013
Fixed.
The reason for this problem was pretty simple - DNS server provided wrong
SRV records for kerberos stuff (my IPA deploy is in fact migration from
IPA1 server to IPA2, and customer decided to install IPA2 on different
server instead of upgrade in-place).
After I updated SRV records with the new IPA server, ipa-client-install
works.
many thanks to all for your help,
Vitaly
On Tue, Jun 25, 2013 at 2:38 PM, Petr Spacek <pspacek at redhat.com> wrote:
> On 25.6.2013 12:09, Martin Kosek wrote:
>
>> Sure, you just need to have properly configured /etc/krb5.conf (namely
>> [domain_realm] mapping) and /etc/sssd/sssd.conf to look up the clients in
>> this
>> domain.
>>
> You don't need to configure [domain_realm] mapping manually if you have
> proper TXT records in DNS && /etc/krb5.conf contains this:
>
>
> dns_lookup_realm = true
> dns_lookup_kdc = true
>
> --
> Petr^2 Spacek
>
>
> ______________________________**_________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/**mailman/listinfo/freeipa-users<https://www.redhat.com/mailman/listinfo/freeipa-users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130626/ac697d50/attachment.htm>
More information about the Freeipa-users
mailing list