Attachment 834673 Details for Bug 1039903 – ipa client install log file

ipa client install log file

ipaclient-install.log (text/plain), 3.49 KB, created by Kaleem on 2013-12-10 09:48:34 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Kaleem

Created: 2013-12-10 09:48:34 UTC

Size: 3.49 KB

patch

obsolete

>2013-12-10T09:37:56Z DEBUG /usr/sbin/ipa-client-install was invoked with options: {'domain': 'testrelm.com', 'force': False, 'krb5_offline_passwords': True, 'primary': False, 'mkhomedir': False, 'create_sshfp': True, 'conf_sshd': True, 'on_master': False, 'conf_ntp': True, 'ca_cert_file': None, 'ntp_server': None, 'principal': 'admin', 'hostname': None, 'no_ac': False, 'unattended': True, 'sssd': True, 'trust_sshfp': False, 'dns_updates': False, 'realm_name': 'TESTRELM.COM', 'conf_ssh': True, 'force_join': False, 'server': ['aliasofMaster'], 'prompt_password': False, 'permit': False, 'debug': False, 'preserve_sssd': False, 'uninstall': False}
>2013-12-10T09:37:56Z DEBUG missing options might be asked for interactively later
>2013-12-10T09:37:56Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
>2013-12-10T09:37:56Z DEBUG Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
>2013-12-10T09:37:56Z DEBUG [IPA Discovery]
>2013-12-10T09:37:56Z DEBUG Starting IPA discovery with domain=testrelm.com, servers=['aliasofMaster'], hostname=rhel65-client.testrelm.com
>2013-12-10T09:37:56Z DEBUG Server and domain forced
>2013-12-10T09:37:56Z DEBUG [Kerberos realm search]
>2013-12-10T09:37:56Z DEBUG Search DNS for TXT record of _kerberos.testrelm.com.
>2013-12-10T09:37:56Z DEBUG No DNS record found
>2013-12-10T09:37:56Z DEBUG [LDAP server check]
>2013-12-10T09:37:56Z DEBUG Verifying that aliasofMaster (realm None) is an IPA server
>2013-12-10T09:37:56Z DEBUG Init LDAP connection with: ldap://aliasofMaster:389
>2013-12-10T09:37:56Z ERROR LDAP Error: Connect error: TLS error -8157:Certificate extension not found.
>2013-12-10T09:37:56Z DEBUG Discovery result: UNKNOWN_ERROR; server=None, domain=testrelm.com, kdc=None, basedn=None
>2013-12-10T09:37:56Z DEBUG Validated servers: 
>2013-12-10T09:37:56Z DEBUG will use discovered domain: testrelm.com
>2013-12-10T09:37:56Z DEBUG IPA Server not found
>2013-12-10T09:37:56Z DEBUG [IPA Discovery]
>2013-12-10T09:37:56Z DEBUG Starting IPA discovery with domain=testrelm.com, servers=['aliasofMaster'], hostname=rhel65-client.testrelm.com
>2013-12-10T09:37:56Z DEBUG Server and domain forced
>2013-12-10T09:37:56Z DEBUG [Kerberos realm search]
>2013-12-10T09:37:56Z DEBUG Search DNS for TXT record of _kerberos.testrelm.com.
>2013-12-10T09:37:56Z DEBUG No DNS record found
>2013-12-10T09:37:56Z DEBUG [LDAP server check]
>2013-12-10T09:37:56Z DEBUG Verifying that aliasofMaster (realm None) is an IPA server
>2013-12-10T09:37:56Z DEBUG Init LDAP connection with: ldap://aliasofMaster:389
>2013-12-10T09:37:56Z ERROR LDAP Error: Connect error: TLS error -8157:Certificate extension not found.
>2013-12-10T09:37:56Z DEBUG Discovery result: UNKNOWN_ERROR; server=None, domain=testrelm.com, kdc=None, basedn=None
>2013-12-10T09:37:56Z DEBUG Validated servers: 
>2013-12-10T09:37:56Z ERROR Failed to verify that aliasofMaster is an IPA Server.
>2013-12-10T09:37:56Z ERROR This may mean that the remote server is not up or is not reachable due to network or firewall settings.
>2013-12-10T09:37:56Z INFO Please make sure the following ports are opened in the firewall settings:
>     TCP: 80, 88, 389
>     UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
>Also note that following ports are necessary for ipa-client working properly after enrollment:
>     TCP: 464
>     UDP: 464, 123 (if NTP enabled)
>2013-12-10T09:37:56Z DEBUG (aliasofMaster: Provided as option)
>2013-12-10T09:37:56Z ERROR Installation failed. Rolling back changes.
>2013-12-10T09:37:56Z ERROR IPA client is not configured on this system.

Actions: View

Attachments on bug 1039903: 834673 | 895394