[Freeipa-users] FreeIPA Client Install 403 error
Rubin Binder
rbinder at wooplagaming.com
Wed Jul 20 18:28:55 UTC 2016
Justin,
Thank you very much for the prompt response. The log output is as follows:
2016-07-20T17:02:52Z DEBUG Starting external process
2016-07-20T17:02:52Z DEBUG args='/usr/sbin/ipa-join' '-s' 'ldap.mydomain.com' '-b' 'dc=mydomain,dc=com' '-h' 'centostest.mydomain.com'
2016-07-20T17:02:52Z DEBUG Process finished, return code=17
2016-07-20T17:02:52Z DEBUG stdout=
2016-07-20T17:02:52Z DEBUG stderr=HTTP response code is 403, not 200
2016-07-20T17:02:52Z ERROR Joining realm failed: HTTP response code is 403, not 200
2016-07-20T17:02:52Z ERROR Installation failed. Rolling back changes.
2016-07-20T17:02:52Z ERROR IPA client is not configured on this system.
Regards,
Rubin
----- Original Message -----
From: "Justin Stephenson" <jstephen at redhat.com>
To: "Rubin Binder" <rbinder at wooplagaming.com>, freeipa-users at redhat.com
Sent: Wednesday, July 20, 2016 2:49:16 PM
Subject: Re: [Freeipa-users] FreeIPA Client Install 403 error
Could you please share with us the /var/log/ipaclient-install.log ?
Kind regards,
Justin Stephenson
On 07/20/2016 01:23 PM, Rubin Binder wrote:
> Hello all,
>
> I am testing Free IPA server for use under a test environment, so far smooth sailing and have it up and running, no problems.
>
> The problem is occurring during client installation. I have installed the ipa-client package on a clean CentOS 7 OS. When I execute ipa-client-install... I get the following:
>
> Client hostname: centostest.mydomain.com
> Realm: MYDOMAIN.COM
> DNS Domain: mydomain.com
> IPA Server: ldap.mydomain.com
> BaseDN: dc=mydomain,dc=com
>
> Continue to configure the system with these values? [no]: yes
> Skipping synchronizing time with NTP server.
> User authorized to enroll computers: admin
> Password for admin at MYDOMAIN.COM:
> Successfully retrieved CA cert
> Subject: CN=Certificate Authority,O=MYDOMAIN.COM
> Issuer: CN=Certificate Authority,O=MYDOMAIN.COM
> Valid From: Wed Jul 13 13:12:08 2016 UTC
> Valid Until: Sun Jul 13 13:12:08 2036 UTC
>
> Joining realm failed: HTTP response code is 403, not 200
>
> Installation failed. Rolling back changes.
> IPA client is not configured on this system.
>
> I can't make sense of why I'd be seeing a 403 error. I've done my share of searching but have not found a similar issue. Some have report 401 errors in some circumstances, but not 403.
>
> Has anyone seen this before.
>
> Thanks,
> Rubin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160720/7e3d246a/attachment.htm>
More information about the Freeipa-users
mailing list