[Freeipa-users] while doing ipa-getkeytab , getting Operation failed! PrincipalName not found.
Dmitri Pal
dpal at redhat.com
Fri Dec 19 16:21:39 UTC 2014
On 12/19/2014 05:07 AM, Ben .T.George wrote:
> Hi List
>
> i was trying to add linux machine manually as client. iwas following
> this
> http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/linux-manual.html
>
> while doing ipa-getkeytab on FreeIpa server, i am getting error like
> " Operation failed! PrincipalName not found."
>
> please help me to solve this issue.
When you do client enrollment using ipa-client you can run it in several
ways:
- high level admin that has full privileges in IPA (recommended just for
demo and POC purposes)
- low level admin that has permission to provision systems. Such admin
does not have privilege to create the host entry during registration.
The entry must be there. The error you see above indicates that the host
entry does not exist.
- automated system. In this case the entry has to be precereated and one
can set or request IPA to generate a registration code that can be used
once as an OTP to register client.
So if you do things manually you need to create host entry first
manually on the server side.
>
>
> thanks & Regards,
> Ben
>
>
>
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141219/df754260/attachment.htm>
More information about the Freeipa-users
mailing list