On 01/20/2016 05:55 PM, bahan w wrote: > Ah sorry, for security reasons I didn't want to put the original name and I > made a mistake. > > Here we are, for the confusing lines : > ### > Assuming realm is the same as domain: <MYDOMAIN> > Generated basedn from realm: dc=<mydomain> > Discovery result: NO_ACCESS_TO_LDAP; server=None, domain=<mydomain>, > kdc=None, basedn=dc=<mydomain> > Validated servers: <fqdn ipa server> > will use discovered domain: <mydomain> > Using servers from command line, disabling DNS discovery > will use provided server: <fqdn ipa server> > will use discovered realm: <MYDOMAIN> > The provided realm name [<MYREALM>] does not match discovered one > [<MYDOMAIN>] > (<MYDOMAIN>: Assumed same as domain) > Installation failed. Rolling back changes > IPA client is not configured on this system. > ### > > Is it more clear ? Sorry again for the confusion. > > I use a realm which is different than the domain.
Ah, I see. I think you just found a bug. The problem is that given the server is not reachable, the realm is calculated based on the domain and then rejected as it is different from the option. In this case, ipa-client-install should just accept the realm passed to the script. It is very specific condition, but we should be able to fix that easily I filed a bug: https://bugzilla.redhat.com/show_bug.cgi?id=1300561 We will need to think if there is a workaround for you until the fix is delivered. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
