[Freeipa-users] ipa-client-install errors
Gady Notrica
gnotrica at candeal.com
Wed Apr 20 20:27:37 UTC 2016
You guys are awesome!!!!
# ipa-client-install --enable-dns-updates --mkhomedir --no-ntp
Discovery was successful!
…
Continue to configure the system with these values? [no]: yes
…
Created /etc/ipa/default.conf
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
….
Systemwide CA database updated.
Added CA certificates to the default NSS database.
…
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
….
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Configuring ipa.candeal.ca as NIS domain.
Client configuration complete.
Gady
-----Original Message-----
From: Lukas Slebodnik [mailto:lslebodn at redhat.com]
Sent: April 20, 2016 4:16 PM
To: Gady Notrica
Cc: Rob Crittenden; Martin Basti; freeipa-users at redhat.com
Subject: Re: [Freeipa-users] ipa-client-install errors
On (20/04/16 20:10), Gady Notrica wrote:
>[root at cd-s-prd-db1 krb5.include.d]# ls -l
>
>-rw-r--r--. 1 root root 224 Apr 9 07:24 domain_realm_ipa_candeal_ca
>
>-rw-r--r--. 1 root root 118 Apr 9 07:24 localauth_plugin
>
>
>
>[root at cd-s-prd-db1 krb5.include.d]# cat domain_realm_ipa_candeal_ca
>
># Generated by NetworkManager
>
>search ipa.candeal.ca
>
>nameserver 172.20.10.40
>
>nameserver 172.20.10.41
This should be content of /etc/resolv.conf and not domain_realm_ipa_candeal_ca
>
>
>
>[root at cd-s-prd-db1 krb5.include.d]# cat localauth_plugin
>
>[domain_realm]
>
>.AD.candeal.ca = AD.CANDEAL.CA
>
>AD.candeal.ca = AD.CANDEAL.CA
>
>[capaths]
>
This should be content of domain_realm_ipa_candeal_ca and not localauth_plugin
Remove both files. It is safe. They will be created by sssd after start.
LS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160420/bae74d1e/attachment.htm>
More information about the Freeipa-users
mailing list