[Freeipa-users] ipa-client install failurres, Could not resolve host: ipa-master-in.xyz.com; Unknown error
Rakesh Rajasekharan
rakesh.rajasekharan at gmail.com
Wed Jul 27 17:29:39 UTC 2016
Hi,
I am running ipa server 4.2 and set it up without using "--setup-dns=no".
On few clients the installation fails with the below error message.
I verified that the ipa master dns is resolvable. Not sure what could be
wrong here..
Joining realm failed: libcurl failed to execute the HTTP POST transaction,
explaining: Could not resolve host: ipa-master-in.xyz.com; Unknown error
Use ipa-getkeytab to obtain a host principal for this server.
Please make sure the following ports are opened in the firewall settings:
TCP: 80, 88, 389
UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
Also note that following ports are necessary for ipa-client working
properly after enrollment:
TCP: 464
UDP: 464, 123 (if NTP enabled)
Failed to obtain host TGT: (-1765328203, 'Key table entry not found')
Installation failed. Force set so not rolling back changes.
I tried removeing /etc/ipa/ca.crt and delete any older certificates
"certutil -D -n 'IPA CA' -d /etc/pki/nssdb"
However, no luck yet..
any suggestions on how can I debug this..
Thanks
Rakesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160727/52af2d6e/attachment.htm>
More information about the Freeipa-users
mailing list