[Freeipa-users] Configuration of client side components failed! on IPA Server

[Yogesh Sharma]

Hi,

We are getting below error while we are installing IPA Server
(ipa-server-install --no-ntp).


**
*Configuration of client side components failed!*
*ipa-client-install returned: Command '/usr/sbin/ipa-client-install
--on-master --unattended --domain sd.int <http://sd.int> --server
ldap-inf-stg-sg1-01.sd.int <http://ldap-inf-stg-sg1-01.sd.int> --realm
SD.INT <http://SD.INT> --hostname ldap-inf-stg-sg1-01.sd.int
<http://ldap-inf-stg-sg1-01.sd.int>' returned non-zero exit status 1*

**Logs indicate below errors:

*2015-03-25T06:39:59Z DEBUG args=/usr/bin/ldappasswd -h
ldap-inf-stg-sg1-01.sd.int <http://ldap-inf-stg-sg1-01.sd.int> -ZZ -x -D
cn=Directory Manager -y /var/lib/ipa/tmpiI0qCS -T /var/lib/ipa/tmp0iYpzn
uid=admin,cn=users,cn=accounts,dc=sd,dc=int*
*2015-03-25T06:39:59Z DEBUG stdout=*
*2015-03-25T06:39:59Z DEBUG stderr=*
*2015-03-25T06:39:59Z DEBUG ldappasswd done*
*2015-03-25T06:40:10Z DEBUG args=/usr/sbin/ipa-client-install --on-master
--unattended --domain sd.int <http://sd.int> --server
ldap-inf-stg-sg1-01.sd.int <http://ldap-inf-stg-sg1-01.sd.int> --realm
SD.INT <http://SD.INT> --hostname ldap-inf-stg-sg1-01.sd.int
<http://ldap-inf-stg-sg1-01.sd.int>*
*2015-03-25T06:40:10Z DEBUG stdout=*
*2015-03-25T06:40:10Z DEBUG stderr=Failed to verify that
ldap-inf-stg-sg1-01.sd.int <http://ldap-inf-stg-sg1-01.sd.int> is an IPA
Server.*
*This may mean that the remote server is not up or is not reachable due to
network or firewall settings.*
*Please make sure the following ports are opened in the firewall settings:*
*     TCP: 80, 88, 389*
*     UDP: 88 (at least one of TCP/UDP ports 88 has to be open)*
*Also note that following ports are necessary for ipa-client working
properly after enrollment:*
*     TCP: 464*
*     UDP: 464, 123 (if NTP enabled)*
*Installation failed. Rolling back changes.*
*Unconfigured automount client failed: Command 'ipa-client-automount
--uninstall --debug' returned non-zero exit status 1*
*Removing Kerberos service principals from /etc/krb5.keytab*
*Disabling client Kerberos and LDAP configurations*
*Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to
/etc/sssd/sssd.conf.deleted*
*nscd daemon is not installed, skip configuration*
*nslcd daemon is not installed, skip configuration*
*Client uninstall complete.*

*2015-03-25T06:40:10Z INFO   File
"/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line
614, in run_script*
*    return_value = main_function()*

*  File "/usr/sbin/ipa-server-install", line 1103, in main*
*    sys.exit("Configuration of client side components
failed!\nipa-client-install returned: " + str(e))*

*2015-03-25T06:40:10Z INFO The ipa-server-install command failed,
exception: SystemExit: Configuration of client side components failed!*
*ipa-client-install returned: Command '/usr/sbin/ipa-client-install
--on-master --unattended --domain sd.int <http://sd.int> --server
ldap-inf-stg-sg1-01.sd.int <http://ldap-inf-stg-sg1-01.sd.int> --realm
SD.INT <http://SD.INT> --hostname ldap-inf-stg-sg1-01.sd.int
<http://ldap-inf-stg-sg1-01.sd.int>' returned non-zero exit status 1*

**


This server is on AWS and I can confirm that all above ports are opened.
Also as it is installing on same server where IPA Server is being
installed, Port should not be an issue.

Am I missing anything here. 




*Best Regards,__________________________________________*

*Yogesh Sharma*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150325/5b33e82e/attachment.htm>