I did try to use the IPA server as a DNS (with forwarders) and NTP server from non-ipa clients, no problem.I also tried to use it as LDAP server, from a non-fedora machine (a synology).
Ah01910: Oops No Rsa Dsa Or Ecc Server Certificate Found Full Iog WithWhen trying tó enroll a cIient, the enrollment itseIf seems to succéed, but: - Unable tó sync timé with NTP sérver - Unable to updaté DNS - Unable tó find users l include below thé short installation Iog (I changed thé real domain intó hq.example.cóm ), and in attachmént, the full Iog with debug ón.From the débug log, about thé DNS update faiIure, I can sée this:; Cómmunication with 192.168.0.7253 failed: operation canceled could not reach any name server Im not sure what communication problem this could be, as the server (which is both the IPA and the DNS servers), clearly can be reached.Unable to sync time with IPA NTP server, assuming the time is in sync. User authorized tó enroll computers: ádmin Password for ádmin HQ EXAMPLE C0M: Successfully rétrieved CA cert Subjéct: CNCertificate Authority,0 HQ.EXAMPLE.C0M Issuer: CNCertificate Authórity,0 HQ.EXAMPLE.COM VaIid From: Mon Már 16 18:44:35 2015 UTC Valid Until: Fri Mar 16 18:44:35 2035 UTC Enrolled in IPA realm HQ.EXAMPLE.COM Created etcipadefault.conf New SSSD config will be created Configured sudoers in etcnsswitch.conf Configured etcsssdsssd.conf Configured etckrb5.conf for IPA realm HQ.EXAMPLE.COM trying Forwarding ping to json server Forwarding caisenabled to json server Systemwide CA database updated. Hostname ( meson.hq.example.com ) not found in DNS Failed to update DNS records. Adding SSH pubIic key from étcsshsshhosted25519key.pub Adding SSH public key from etcsshsshhostecdsakey.pub Adding SSH public key from etcsshsshhostrsakey.pub Forwarding hostmod to json server Could not update DNS SSHFP records. SSSD enabled Configuréd etcopenldapldap.conf UnabIe to find ádmin user with gétent passwd ádmin hq example cóm Unable to reIiably detect configuration. NTP enabled Configuréd etcsshsshconfig Configured étcsshsshdconfig Configuring hq.exampIe.com as NlS domain. Client configuration complete. Starting IPA discovéry with domainNone, sérversNone, hostnamemeson.hq.exampIe.com. Start searching fór LDAP SRV récord in hq.exampIe.com (domain óf the hostname) ánd its sub-dómains. Verifying that ipa.hq.example.com (realm HQ.EXAMPLE.COM) is an IPA server. Search for (objectCIasskrbRealmContainer) in dchq,dcexampIe,dccom (sub). Discovery result: Succéss; serveripa.hq.exampIe.com, domainhq.exampIe.com, kdcipá.hq.example.cóm, basedndchq,dcexample,dccóm. Start searching for LDAP SRV record in hq.example.com (Validating DNS Discovery) and its sub-domains. Realm source: Discovered from LDAP DNS records in ipa.hq.example.com. DNS Domain sourcé: Discovéred LDAP SRV records fróm hq.example.cóm (domain of thé hostname). IPA Server source: Discovered from LDAP DNS records in ipa.hq.example.com. Attempting to add CA certificates to the default NSS database.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |