Hello all!! I cannot get a RHEL5.10 client to install!
[root@hostname ~]# ipa-client-install --hostname=hostname.domain.com --no-ntp --ca-cert-file=/etc/ipa/ca.crt DNS domain 'doman.com' is not configured for automatic KDC address lookup. KDC address will be set to fixed value. Discovery was successful! Hostname:hostname.com Realm:DOMAIN.COM DNS Domain: domain.com IPA Server: ipaserver.com BaseDN: dc=ipa,dc=dc,dc=sita,dc=com Joining realm failed: SASL Bind failed Local error (-2) ! child exited with 9 Installation failed. Rolling back changes. This is what the krb log had to say Mar 08 06:24:00 [email protected] krb5kdc[29358](info): TGS_REQ (1 etypes {18}) 10.226.124.10: ISSUE: authtime 1394259840, etypes {rep=18 tkt=18 ses=18}, [email protected] for krbtgt/[email protected] Mar 08 06:24:00 [email protected] krb5kdc[29357](info): TGS_REQ (4 etypes {18 17 16 23}) 10.226.20.31: ISSUE: authtime 1394259840, etypes {rep=18 tkt=18 ses=18}, [email protected] for ldap/[email protected] krb5kdc: Cannot determine realm for numeric host address - unable to find realm of host Mar 08 06:24:00 [email protected] krb5kdc[29358](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.22.22.10: UNKNOWN_SERVER: authtime 0, [email protected] for ldap/[email protected], Server not found in Kerberos database Mar 08 06:24:00 [email protected] krb5kdc[29357](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.22.22.10: UNKNOWN_SERVER: authtime 0, [email protected] for ldap/[email protected], Server not found in Kerberos database After reviewing the https://access.redhat.com/site/solutions/231543 post IPA: Joining realm failed: SASL Bind failed Local error (-2) ! child exited with 9. I checked all my DNS info via dig and took a working DNS config from another server. Everything appears to be setup right. What could I be overlooking? Thank You, Rashard Kelly SITA Senior Linux Specialist This document is strictly confidential and intended only for use by the addressee unless otherwise stated. If you are not the intended recipient, please notify the sender immediately and delete it from your system.
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
