[Freeipa-users] ubuntu dns discovery

Johnny Tan johnnydtan at gmail.com
Fri May 22 16:05:54 UTC 2015 

Our servers run CentOS-6.6 and ipa-server-3.0.0-42.el6.centos.x86_64

Our CentOS clients (also 6.6) join the domain seamlessly.

Our Ubuntu 14.04 LTS clients, however, don't seem to be able to
auto-discover domain, realm, or IPA servers:
```
dpkg -l | grep freeipa
ii  freeipa-client                      3.3.4-0ubuntu3.1
        amd64        FreeIPA centralized identity framework -- client

/usr/sbin/ipa-client-install --mkhomedir --no-ntp --no-sudo --unattended
--hostname testing-ubuntu001.pp --principal admin --password xx --debug
/usr/sbin/ipa-client-install was invoked with options: {'domain': None,
'force': False, 'krb5_offline_passwords': True, 'primary': False,
'realm_name': None, 'force_ntpd': False, 'create_sshfp': True, 'conf_sshd':
True, 'conf_ntp': False, 'on_master': False, 'ntp_server': None,
'ca_cert_file': None, 'principal': 'admin', 'keytab': None, 'hostname':
'testing-ubuntu001.pp', 'no_ac': False, 'unattended': True, 'sssd': True,
'trust_sshfp': False, 'dns_updates': False, 'mkhomedir': True, 'conf_ssh':
True, 'force_join': False, 'server': None, 'prompt_password': False,
'permit': False, 'debug': True, 'preserve_sssd': False, 'uninstall': False}
missing options might be asked for interactively later
Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
[IPA Discovery]
Starting IPA discovery with domain=None, servers=None,
hostname=testing-ubuntu001.pp
Start searching for LDAP SRV record in "pp" (domain of the hostname) and
its sub-domains
Search DNS for SRV record of _ldap._tcp.pp
DNS record not found: EmptyLabel
Start searching for LDAP SRV record in ".pp" (search domain from
/etc/resolv.conf) and its sub-domains
Search DNS for SRV record of _ldap._tcp..pp
DNS record not found: EmptyLabel
Already searched pp; skipping
No LDAP server found
No LDAP server found
Unable to discover domain, not provided on command line
Installation failed. Rolling back changes.
IPA client is not configured on this system.
```

Yet on the same client:
```
root at testing-ubuntu001:~# dig srv _ldap._tcp.pp +short
0 100 389 production-ipa003.pp.
0 100 389 production-ipa001.pp.
0 100 389 production-ipa002.pp.
```

Why can't ipa-client-install discover those SRV records?

johnny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150522/20d6f233/attachment.htm>

More information about the Freeipa-users mailing list