[Freeipa-users] ipa-client-install and nsslapd-allow-anonymous-access: off
Martin Kosek
mkosek at redhat.com
Wed Jan 20 12:26:26 UTC 2016
On 01/20/2016 12:08 PM, bahan w wrote:
> Hello !
>
> I send you this mail because of the following topic.
>
> I have FreeIPA 3.0.0.25 with RHEL 6.6 and I deactivated the anonymous
> access for security reasons.
>
> But now, I have a problem when I try to enroll a new host.
>
> Here is the command I try :
> ###
> ipa-client-install --domain=<mydomain> --realm=<myrealm> --server=<fqdn
> ipaserver> --principal=admin --password=<PASSWORD FOR IPA ADMIN>
> --mkhomedir --hostname=<fqdn server> --no-ntp --no-ssh --no-sshd
> --unattended
> ###
>
> And here is the error message :
> ###
> 2016-01-20T11:06:44Z DEBUG Verifying that <fqdn ipaserver> (realm None) is
> an IPA server
> 2016-01-20T11:06:44Z DEBUG Init LDAP connection with: ldap://<fqdn ipa
> server>:389
> 2016-01-20T11:06:44Z DEBUG LDAP Error: Anonymous access not allowed
> ###
>
> Is there a way with IPA 3.0.0.25 to enroll host with the anonymous acces
> disabled ?
>
> Best regards.
>
> Bahan
Hello,
This looks like
https://bugzilla.redhat.com/show_bug.cgi?id=922843
It should be fixed in recent ipa-client versions (ipa-3.0.0-29.el6 and later).
HTH,
Martin
More information about the Freeipa-users
mailing list