[Freeipa-users] DNS discovery failed to determine your DNS domain
Willie Slepecki
scphantm at gmail.com
Sat May 18 17:13:02 UTC 2013
Your also going to have to create the folder /etc/pki/nssdb or the script
will also fail. That trick cost me a day of farting around
On Saturday, May 18, 2013, Willie Slepecki wrote:
> Do a --help on the script. I specify every parameter. When I trust the
> script to discover anything on ubuntu it fails. Even the host name.
>
> On Saturday, May 18, 2013, Endre Karlson wrote:
>
> So I am trying to enrull Ubuntu into FreeIPA.
>
> But I am getting a number of issues:
> 1. DNS autodiscovery isn't working.
> 2. certutils fails at the end?
>
> In my setup I currently have 1 IPA server running DNS and all of it.
>
> What can be wrong?
>
> Endre.
>
> sudo ipa-client-install -d --enable-dns-updates
> root : DEBUG /usr/sbin/ipa-client-install was invoked with
> options: {'conf_ntp': True, 'domain': None, 'uninstall': False, 'force':
> False, 'sssd': True, 'krb5_offline_passwords': True, 'hostname': None,
> 'preserve_sssd': False, 'server': None, 'prompt_password': False,
> 'mkhomedir': False, 'dns_updates': True, 'permit': False, 'debug': True,
> 'on_master': False, 'ntp_server': None, 'realm_name': None, 'unattended':
> None, 'principal': None}
> root : DEBUG missing options might be asked for interactively
> later
>
> root : DEBUG Loading Index file from
> '/var/lib/ipa-client/sysrestore/sysrestore.index'
> root : DEBUG Loading StateFile from
> '/var/lib/ipa-client/sysrestore/sysrestore.state'
> root : DEBUG [ipadnssearchldap(coretrek.net)]
> root : DEBUG [ipadnssearchldap(net)]
> root : DEBUG [ipadnssearchldap(coretrek.net)]
> root : DEBUG [ipadnssearchldap(net)]
> root : DEBUG Domain not found
> DNS discovery failed to determine your DNS domain
> Provide the domain name of your IPA server (ex: example.com): coretrek.net
> root : DEBUG will use domain: coretrek.net
>
> root : DEBUG [ipadnssearchldap]
> root : DEBUG IPA Server not found
> DNS discovery failed to find the IPA Server
> Provide your IPA server name (ex: ipa.example.com):
> st-vidm001.coretrek.net
> root : DEBUG will use server: st-vidm001.coretrek.net
>
> root : DEBUG [ipadnssearchkrb]
> root : DEBUG [ipacheckldap]
> root : DEBUG args=/usr/bin/wget -O /tmp/tmp1RBeGA/ca.crt -T 15
> -t 2 http://st-vidm001.coretrek.net/ipa/config/ca.crt
> root : DEBUG stdout=
> root : DEBUG stderr=--2013-05-18 18:40:05--
> http://st-vidm001.coretrek.net/ipa/config/ca.crt
> Resolving st-vidm001.coretrek.net (st-vidm001.coretrek.net)...
> 172.16.200.5
> Connecting to st-vidm001.coretrek.net (st-vidm001.coretrek.net)|172.16.200.5|:80...
> connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 1321 (1.3K) [application/x-x509-ca-cert]
> Saving to: `/tmp/tmp1RBeGA/ca.crt'
>
> 0K . 100% 69.1M=0s
>
> 2013-05-18 18:40:05 (69.1 MB/s) - `/tmp/tmp1RBeGA/ca.crt' saved [1321/1321]
>
>
> root : DEBUG Init ldap with: ldap://st-vidm001.coretrek.net:389
> root : DEBUG Search LDAP server for IPA base DN
> root : DEBUG Check if naming context 'dc=coretrek,dc=net' is for
> IPA
> root : DEBUG Naming context 'dc=coretrek,dc=net' is a valid IPA
> context
> root : DEBUG Search for (objectClass=krbRealmContainer) in
> dc=coretrek,dc=net(sub)
> root : DEBUG Found: [('cn=CORETREK.NET,cn=kerberos,dc=coretrek,dc=net',
> {'krbSubTrees': ['dc=coretrek,dc=net'], 'cn': ['CO <http://CORETREK.NET>
>
> --
> You want it fast, cheap, or right. Pick two!!
>
--
You want it fast, cheap, or right. Pick two!!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130518/5624be82/attachment.htm>
More information about the Freeipa-users
mailing list