IPAClientinstall
93 views
Skip to first unread message
Frederic Lhoest
Oct 25, 2013, 10:06:33 AM10/25/13
to cento...@googlegroups.com
Dear All, I'm having a big problem when trying to install the ipa client.
I need this to be able to authenticate my system to my IPA servers (that works well btw).
here is the issue :
[root@iscsi ~]# ipa-client-install --hostname=directory1.test.com
Traceback (most recent call last):
File "/usr/sbin/ipa-client-install", line 2323, in <module>
sys.exit(main())
File "/usr/sbin/ipa-client-install", line 2309, in main
rval = install(options, env, fstore, statestore)
File "/usr/sbin/ipa-client-install", line 1684, in install
ret = ds.search(domain=options.domain, servers=options.server, hostname=hostname, ca_cert_path=get_cert_path(options.ca_cert_file))
File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 242, in search
ldapret = self.ipacheckldap(server, self.realm, ca_cert_path=ca_cert_path)
File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 339, in ipacheckldap
basedn = get_ipa_basedn(lh)
File "/usr/lib/python2.6/site-packages/ipapython/ipautil.py", line 817, in get_ipa_basedn
contexts = entries[0][1]['namingcontexts']
KeyError: 'namingcontexts'
Any idea where to start looking ? ;)
Thanks.
Cheers,
Fred.
I need this to be able to authenticate my system to my IPA servers (that works well btw).
here is the issue :
[root@iscsi ~]# ipa-client-install --hostname=directory1.test.com
Traceback (most recent call last):
File "/usr/sbin/ipa-client-install", line 2323, in <module>
sys.exit(main())
File "/usr/sbin/ipa-client-install", line 2309, in main
rval = install(options, env, fstore, statestore)
File "/usr/sbin/ipa-client-install", line 1684, in install
ret = ds.search(domain=options.domain, servers=options.server, hostname=hostname, ca_cert_path=get_cert_path(options.ca_cert_file))
File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 242, in search
ldapret = self.ipacheckldap(server, self.realm, ca_cert_path=ca_cert_path)
File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 339, in ipacheckldap
basedn = get_ipa_basedn(lh)
File "/usr/lib/python2.6/site-packages/ipapython/ipautil.py", line 817, in get_ipa_basedn
contexts = entries[0][1]['namingcontexts']
KeyError: 'namingcontexts'
Any idea where to start looking ? ;)
Thanks.
Cheers,
Fred.
David Ramirez
Apr 21, 2014, 5:39:50 PM4/21/14
to cento...@googlegroups.com
I hit the same exact error, when trying to configure my first IPA client on a CentOS 6.5 system (after having done this successfully on a Fedora 20 client). The IPA server is also a CentOS 6.5 machine, configured also as a forwarding DNS, but NTP is to be delegated to the actual ntp servers that are available in my campus.
While the Fedora install was not very picky after having fully defined the realm as SUBREALM.MYREALM.MYSITE.EDU (example), the CentOS dialogue crashed with the problem of this posting.
Running with the -d option showed what was going on: the installer was trying to contact an external LDAP server that it apparently found responding for REALM.MYSITE.EDU, ignoring my (local) subdomain IPA server.
So, the solution was to fully specify the domain and the IPA server in the invocation line:
# ipa-client-install -d --domain=SUBREALM.MYREALM.MYSITE.EDU --server=myipaserver.mysubdomain.mydomain.edu
Doing this went clear of the problem above. At some point it will report "Server and domain forced" but then it will interact correctly with thy own IPA server.
Although I'm yet to test the full functionality of the service, it reported completion of the configuration as expected.
While the Fedora install was not very picky after having fully defined the realm as SUBREALM.MYREALM.MYSITE.EDU (example), the CentOS dialogue crashed with the problem of this posting.
Running with the -d option showed what was going on: the installer was trying to contact an external LDAP server that it apparently found responding for REALM.MYSITE.EDU, ignoring my (local) subdomain IPA server.
So, the solution was to fully specify the domain and the IPA server in the invocation line:
# ipa-client-install -d --domain=SUBREALM.MYREALM.MYSITE.EDU --server=myipaserver.mysubdomain.mydomain.edu
Doing this went clear of the problem above. At some point it will report "Server and domain forced" but then it will interact correctly with thy own IPA server.
Although I'm yet to test the full functionality of the service, it reported completion of the configuration as expected.
Reply all
Reply to author
Forward
0 new messages