[Freeipa-users] Error while Enrolling Client

Yogesh Sharma yks0000 at gmail.com
Tue Aug 11 15:13:49 UTC 2015 

Hi Team,

While registering to IPA Server we are getting below error. Any suggestion
Please.

[root at client ~]# ipa-client-install --mkhomedir --no-ntp
Discovery was successful!
Hostname: client.domain.int
Realm: domain.INT
DNS Domain: domain.int
IPA Server: ldap.domain.int
BaseDN: dc=domain,dc=int

Continue to configure the system with these values? [no]: yes
User authorized to enroll computers: admin
Synchronizing time with KDC...
Unable to sync time with IPA NTP server, assuming the time is in sync.
Please check that 123 UDP port is opened.
Password for admin at domain.INT:
Enrolled in IPA realm domain.INT
Attempting to get host TGT...
Created /etc/ipa/default.conf
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm domain.INT
trying https://ldap.domain.int/ipa/xml
Forwarding 'env' to server u'https://ldap.domain.int/ipa/xml'
Traceback (most recent call last):
  File "/usr/sbin/ipa-client-install", line 2567, in <module>
    sys.exit(main())
  File "/usr/sbin/ipa-client-install", line 2553, in main
    rval = install(options, env, fstore, statestore)
  File "/usr/sbin/ipa-client-install", line 2346, in install
    remote_env = api.Command['env'](server=True)['result']
  File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 438, in
__call__
    ret = self.run(*args, **options)
  File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 1076, in
run
    return self.forward(*args, **options)
  File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 772, in
forward
    return self.Backend.xmlclient.forward(self.name, *args, **kw)
  File "/usr/lib/python2.6/site-packages/ipalib/rpc.py", line 731, in
forward
    raise error(message=e.faultString)
ipalib.errors.ACIError: Insufficient access: SASL(-1): generic failure:
GSSAPI Error: Unspecified GSS failure.  Minor code may provide more
information (Ticket not yet valid)



*Best Regards,*

*__________________________________________*

*Yogesh Sharma*
*Email: yks0000 at gmail.com <yks0000 at gmail.com> | Web: www.initd.in
<http://www.initd.in/> *

*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*

<https://www.fb.com/yks0000>   <http://in.linkedin.com/in/yks0000>
<https://twitter.com/checkwithyogesh>
<http://google.com/+YogeshSharmaOnGooglePlus>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150811/3527d9df/attachment.htm>

More information about the Freeipa-users mailing list