[Freeipa-users] ipa-client-install errors

Gady Notrica gnotrica at candeal.com
Wed Apr 20 20:27:37 UTC 2016 

You guys are awesome!!!!



# ipa-client-install --enable-dns-updates --mkhomedir --no-ntp

Discovery was successful!

…



Continue to configure the system with these values? [no]: yes

…

Created /etc/ipa/default.conf

New SSSD config will be created

Configured sudoers in /etc/nsswitch.conf

Configured /etc/sssd/sssd.conf

….

Systemwide CA database updated.

Added CA certificates to the default NSS database.

…

Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub

Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub

Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub

….

SSSD enabled

Configured /etc/openldap/ldap.conf

Configured /etc/ssh/ssh_config

Configured /etc/ssh/sshd_config

Configuring ipa.candeal.ca as NIS domain.

Client configuration complete.



Gady



-----Original Message-----
From: Lukas Slebodnik [mailto:lslebodn at redhat.com]
Sent: April 20, 2016 4:16 PM
To: Gady Notrica
Cc: Rob Crittenden; Martin Basti; freeipa-users at redhat.com
Subject: Re: [Freeipa-users] ipa-client-install errors



On (20/04/16 20:10), Gady Notrica wrote:

>[root at cd-s-prd-db1 krb5.include.d]# ls -l

>

>-rw-r--r--. 1 root root 224 Apr  9 07:24 domain_realm_ipa_candeal_ca

>

>-rw-r--r--. 1 root root 118 Apr  9 07:24 localauth_plugin

>

>

>

>[root at cd-s-prd-db1 krb5.include.d]# cat domain_realm_ipa_candeal_ca

>

># Generated by NetworkManager

>

>search ipa.candeal.ca

>

>nameserver 172.20.10.40

>

>nameserver 172.20.10.41

This should be content of /etc/resolv.conf and not domain_realm_ipa_candeal_ca



>

>

>

>[root at cd-s-prd-db1 krb5.include.d]# cat localauth_plugin

>

>[domain_realm]

>

>.AD.candeal.ca = AD.CANDEAL.CA

>

>AD.candeal.ca = AD.CANDEAL.CA

>

>[capaths]

>

This should be content of domain_realm_ipa_candeal_ca and not localauth_plugin



Remove both files. It is safe. They will be created by sssd after start.



LS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160420/bae74d1e/attachment.htm>

More information about the Freeipa-users mailing list