[Freeipa-users] Broken krb5.conf after ipa-server-install
Orion Poplawski
orion at cora.nwra.com
Wed Jan 14 21:04:48 UTC 2015
After running ipa-server-install like this:
ipa-server-install -r NWRA.COM -n nwra.com -p `cat /etc/ldap.secret` -a `cat
/etc/ldap.secret` --root-ca-file=PositiveSSLCA2.crt
--dirsrv_pkcs12=nwra.com.p12 --dirsrv_pin=XXX --http_pkcs12=nwra.com.p12
--http_pin=XXX --idstart=8000
I'm not configuring bind.
I ended up with a broken krb5.conf with entries like:
[libdefaults]
default_realm = #
[realms]
NWRA.COM = {
kdc = server.nwra.com:88
master_kdc = server.nwra.com:88
admin_server = server.nwra.com:749
default_domain = nwra.com
pkinit_anchors = FILE:/etc/ipa/ca.crt
}
# = {
kdc = server.nwra.com:88
admin_server = server.nwra.com:749
}
[domain_realm]
.nwra.com = NWRA.COM
nwra.com = NWRA.COM
# = #
.# = #
Any idea where the #'s are coming from?
ipa-server-3.3.3-28.el7_0.3.x86_64
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 http://www.nwra.com
More information about the Freeipa-users
mailing list