[Freeipa-users] FW: Joining a host

Simpson Lachlan Lachlan.Simpson at petermac.org
Wed Feb 3 00:31:25 UTC 2016 


> -----Original Message-----
> From: Simpson Lachlan
> Sent: Wednesday, 3 February 2016 9:50 AM
> To: Simpson Lachlan
> Subject: RE: Joining a host
> 
> > -----Original Message-----
> > From: Simpson Lachlan
> >
> > [root at vmts-linux1 ~]# ipa-client-install Error checking LDAP: Operations error:
> > 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this
> > operation a successful bind must be completed on the connection., data
> > 0, v1db1 Discovery was successful!
> > Client hostname: vmts-linux1.unix.example.org
> > Realm: UNIX.EXAMPLE.ORG
> > DNS Domain: unix.example.org
> > IPA Server: dc1.example.org
> > BaseDN: dc=unix,dc=example,dc=org
> >
> 
> Interestingly, if I choose to explicitly put the IPA server name, I get dire warnings
> of no DNS autodiscover.
> 
> The man page states:
> 
> "Client machine can also be configured without a DNS autodiscovery at all. When
> both --server and --domain options are used, client installer will use the specified
> server and domain directly."
> 
> 
> [root at vmts-linux1 ~]# ipa-client-install --server=vmts-linuxidm.unix.example.org
> Usage: ipa-client-install [options]
> 
> ipa-client-install: error: --server cannot be used without providing --domain
> 
> [root at vmts-linux1 ~]# ipa-client-install --server=vmts-linuxidm.unix.example.org -
> -domain=unix.example.org Autodiscovery of servers for failover cannot work with
> this configuration.
> If you proceed with the installation, services will be configured to always access
> the discovered server for all operations and will not fail over to other servers in
> case of failure.
> Proceed with fixed values and no DNS discovery? [no]:
> 
> 
> I think we now have two solid conclusions:
> 
>  - there are DNS issues in my domain that I need to fix up (why isn't
> _ldap._tcp.unix.example.org resolving to the IPA server?)
>  - the man page should clearly state that --server can't be run without the --domain
> option, unless it can, and the error message is wrong.
> 
> Cheers
> L.

This email (including any attachments or links) may contain 
confidential and/or legally privileged information and is 
intended only to be read or used by the addressee.  If you 
are not the intended addressee, any use, distribution, 
disclosure or copying of this email is strictly 
prohibited.  
Confidentiality and legal privilege attached to this email 
(including any attachments) are not waived or lost by 
reason of its mistaken delivery to you.
If you have received this email in error, please delete it 
and notify us immediately by telephone or email.  Peter 
MacCallum Cancer Centre provides no guarantee that this 
transmission is free of virus or that it has not been 
intercepted or altered and will not be liable for any delay 
in its receipt.

More information about the Freeipa-users mailing list