[Freeipa-users] increase the number of attempts to create /etc/krb5.keytab
Ask Stack
askstack at yahoo.com
Mon May 23 18:31:02 UTC 2016
My company's ipa-client-install fail very often. Debug logs show the process always failed at getting the /etc/krb5.keytab .
Is there a way to modify the script to increase number of attempts to create /etc/krb5.keytab ?
I noticed "--kinit-attempts=KINIT_ATTEMPTS, number of attempts to obtain host TGT (defaults to 5)." But it comes after setting up the "/etc/krb5.keytab" file.
Thanks.
server
ipa-server-3.0.0-47.el6_7.1.x86_64
cleint
ipa-client-3.0.0-47.el6_7.2.x86_64
ipa-client-3.0.0-50.el6.1.x86_64
#SUCCESSFUL ATTEMPT
</member>\n
</struct></value>\n
</data></array></value>\n
</param>\n
</params>\n
</methodResponse>\n
Keytab successfully retrieved and stored in: /etc/krb5.keytab
Certificate subject base is: O=TEST.COM
2016-05-23T14:40:49Z INFO Enrolled in IPA realm TEST.COM
2016-05-23T14:40:49Z DEBUG args=kdestroy
2016-05-23T14:40:49Z DEBUG stdout=
2016-05-23T14:40:49Z DEBUG stderr=
#FAILED ATTEMPT
</member>\n
</struct></value>\n
</data></array></value>\n
</param>\n
</params>\n
</methodResponse>\n
ipa-getkeytab: ../../../libraries/libldap/extended.c:177: ldap_parse_extended_result: Assertion `res != ((void *)0)' failed.
Certificate subject base is: O=TEST.COM
2016-05-23T14:37:08Z INFO Enrolled in IPA realm TEST.COM
2016-05-23T14:37:08Z DEBUG args=kdestroy
2016-05-23T14:37:08Z DEBUG stdout=
2016-05-23T14:37:08Z DEBUG stderr=
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160523/5b8535d0/attachment.htm>
More information about the Freeipa-users
mailing list