hi, free IPA everyone?
I wanted to ask if you maybe seen below errors. I'm trying
regular:
$ ipa-client-install --principal=admin
--password="ccnR.Biotec13#diradm" --enable-dns-updates
and it fails:
...
?? Valid From:? 2018-01-09 16:51:35
??? Valid Until: 2038-01-09 16:51:35
Enrolled in IPA realm PRIVATE.CCNR.CEB.PRIVATE.CAM.AC.UK
Please make sure the following ports are opened in the
firewall settings:
???? TCP: 80, 88, 389
???? UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
Also note that following ports are necessary for ipa-client
working properly after enrollment:
???? TCP: 464
???? UDP: 464, 123 (if NTP enabled)
Failed to obtain host TGT: Major (851968): Unspecified GSS
failure. Minor code may provide more information, Minor
(2529638936): Preauthentication failed
Installation failed. Rolling back changes.
Unconfigured automount client failed: Command
'ipa-client-automount --uninstall --debug' returned non-zero
exit status 1
Disabling client Kerberos and LDAP configurations
Redundant SSSD configuration file /etc/sssd/sssd.conf was
moved to /etc/sssd/sssd.conf.deleted
Client uninstall complete.
The ipa-client-install command failed. See
/var/log/ipaclient-install.log for more information
It's not time sync problem, server & client candidate are in
sync. Simple install, server installed okey but client fails
as above.
Does your IPA VERSION: 4.5.0, API_VERSION: 2.228 install
okey, with no problems?
many thanks, L.
