[Freeipa-users] IPA Ldap only as Client on different IPA server
Matt .
yamakasi.014 at gmail.com
Fri Apr 7 21:18:03 UTC 2017
Nope, I provision my servers and they are added to my FreeIPA
environment which auths my systeadmins. But on a server I provisioned
I need to install FreeIPA as well, but without dns and ca, so it's
doing ldap only actually.
When I want to install FreeIPA server on this IPA client it tells me
(which is logical):
ipa.ipapython.install.cli.install_tool(Server): ERROR IPA client is
already configured on this system.
Please uninstall it before configuring the IPA server, using
'ipa-client-install --uninstall'
So what I want to do is install FreeIPA server on it but using local
system accounts to be auth against the former IPA server the client
was assigned to.
So:
IPA01 get's a host which is LDAP01 but LDAP01 needs to be installed
with FreeIPA (no dns and CA) as well but I want to have local
sysaccounts that login to cli and such auth against IPA01 after it's
installed with FreeIPA and the clientconfig for sssd is not there
anymore because of the 'ipa-client-install --uninstall'
2017-04-07 23:11 GMT+02:00 Rob Crittenden <rcritten at redhat.com>:
> Matt . wrote:
>> When I have a full ipa setup and I want to add a host to it that is
>> installed or needs to be installed as IPA LDAP server only, is that
>> possible ?
>
> If you're asking if only 389-ds can be configured on an IPA server, no,
> not using any IPA tools in any case.
>
>> Of course the ipa-server-install complains that the agent is already
>> configured on the host but there might be a way ? Or just copy the
>> config back faster the IPA LDAP only server is installed ?
>
> I don't understand. Seeing the error message and commands might help.
>
> rob
>
More information about the Freeipa-users
mailing list