[Freeipa-users] ipa-client-install fails on replica because of kinit cannot contact any KDC
Shree
shreerajkarulkar at yahoo.com
Tue Feb 11 17:02:19 UTC 2014
Lukas
I read the information on those two links, my problem is different. My replica is working fine, the database has all the records. My problem is I am not able to use the replica for ipa-client -install. In one of my replies I sent information that kinit was trying to access my master instead of the replica. Let me know what you think. Thanks
Shreeraj
----------------------------------------------------------------------------------------
Change is the only Constant !
On Saturday, February 8, 2014 1:29 AM, Lukas Slebodnik <lslebodn at redhat.com> wrote:
On (06/02/14 18:33), Shree wrote:
>First of all, the ipa-replica-install did not allow me to use the --setup-ca
> option complaining that a cert already exists, replicate creation was
> successful after I skipped the option.
>Seems like the replica is one except
>1) There is no CA Service running on the replica (which I guess is expected)
>and
>2) I am unable to run ipa-client-install successfully on any clients using
> the replica. (I don't have the option of using the primary master as it is
> configured in a segregated environment. Only the master and replica are
> allowed to sync.
>Debug shows it fails at
>
>ipa : DEBUG stderr=kinit: Cannot contact any KDC for realm 'mydomainname.com' while getting initial credentials
>
>
I was not able to install replica witch CA on fedora 20,
Bug is already reported https://fedorahosted.org/pki/ticket/816
Guys from dogtag found a workaround
https://fedorahosted.org/pki/ticket/816#comment:12
Does it work for you?
LS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140211/5fa9e76d/attachment.htm>
More information about the Freeipa-users
mailing list