Bug 1359692
| Summary: | ipa-client-install join fail with traceback against RHEL-6.8 ipa-server | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Patrik Kis <pkis> |
| Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
| Status: | CLOSED ERRATA | QA Contact: | Kaleem <ksiddiqu> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.3 | CC: | jcholast, jhrozek, mvarun, pvoborni, rcritten |
| Target Milestone: | rc | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-4.4.0-4.el7 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-04 05:59:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Upstream ticket: https://fedorahosted.org/freeipa/ticket/6129 Fixed upstream master: https://fedorahosted.org/freeipa/changeset/b8b7b9bf8e8a23d652c99c335219abf9de1a6fb7 Verified
ipa-client-4.4.0-11.el7.x86_64
###########
ON SERVER
###########
[root@server68 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.8 (Santiago)
[root@server68 ~]# rpm -qa ipa-server
ipa-server-3.0.0-50.el6.1.x86_64
[root@server68 ~]# hostname
server68.stestrelm.test
###########
ON CLIENT
###########
[root@73client ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.3 Beta (Maipo)
[root@73client ~]# rpm -qa ipa-client
ipa-client-4.4.0-11.el7.x86_64
[root@73client ~]# ipa-client-install --domain stestrelm.test --realm STESTRELM.TEST --principal admin --server=server68.stestrelm.test -W --debug
/usr/sbin/ipa-client-install was invoked with options: {'domain': 'stestrelm.test', 'force': False, 'krb5_offline_passwords': True, 'ip_addresses': [], 'configure_firefox': False, 'primary': False, 'realm_name': 'STESTRELM.TEST', 'force_ntpd': False, 'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': True, 'on_master': False, 'no_nisdomain': False, 'nisdomain': None, 'ca_cert_file': None, 'principal': 'admin', 'keytab': None, 'hostname': None, 'request_cert': False, 'trust_sshfp': False, 'no_ac': False, 'unattended': None, 'all_ip_addresses': False, 'location': None, 'sssd': True, 'ntp_servers': None, 'kinit_attempts': 5, 'dns_updates': False, 'conf_sudo': True, 'conf_ssh': True, 'force_join': False, 'firefox_dir': None, 'server': ['server68.stestrelm.test'], 'prompt_password': True, 'permit': False, 'debug': True, 'preserve_sssd': False, 'mkhomedir': False, 'uninstall': False}
missing options might be asked for interactively later
IPA version 4.4.0-11.el7
Starting external process
args=/bin/systemctl is-enabled chronyd.service
Process finished, return code=0
stdout=enabled
stderr=
WARNING: ntpd time&date synchronization service will not be configured as
conflicting service (chronyd) is enabled
Use --force-ntpd option to disable it and force configuration of ntpd
[IPA Discovery]
Starting IPA discovery with domain=stestrelm.test, servers=['server68.stestrelm.test'], hostname=73client.stestrelm.test
Server and domain forced
[Kerberos realm search]
Kerberos realm forced
[LDAP server check]
Verifying that server68.stestrelm.test (realm STESTRELM.TEST) is an IPA server
Init LDAP connection to: server68.stestrelm.test
Search LDAP server for IPA base DN
Check if naming context 'dc=stestrelm,dc=test' is for IPA
Naming context 'dc=stestrelm,dc=test' is a valid IPA context
Search for (objectClass=krbRealmContainer) in dc=stestrelm,dc=test (sub)
Found: cn=STESTRELM.TEST,cn=kerberos,dc=stestrelm,dc=test
Discovery result: Success; server=server68.stestrelm.test, domain=stestrelm.test, kdc=server68.stestrelm.test, basedn=dc=stestrelm,dc=test
Validated servers: server68.stestrelm.test
will use discovered domain: stestrelm.test
Using servers from command line, disabling DNS discovery
will use provided server: server68.stestrelm.test
Autodiscovery of servers for failover cannot work with this configuration.
If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure.
Proceed with fixed values and no DNS discovery? [no]: yes
will use discovered realm: STESTRELM.TEST
will use discovered basedn: dc=stestrelm,dc=test
Client hostname: 73client.stestrelm.test
Hostname source: Machine's FQDN
Realm: STESTRELM.TEST
Realm source: Discovered from LDAP DNS records in server68.stestrelm.test
DNS Domain: stestrelm.test
DNS Domain source: Forced
IPA Server: server68.stestrelm.test
IPA Server source: Provided as option
BaseDN: dc=stestrelm,dc=test
BaseDN source: From IPA server ldap://server68.stestrelm.test:389
Continue to configure the system with these values? [no]: yes
Starting external process
args=/usr/sbin/ipa-rmkeytab -k /etc/krb5.keytab -r STESTRELM.TEST
Process finished, return code=5
stdout=
stderr=realm not found
Skipping synchronizing time with NTP server.
Starting external process
args=keyctl get_persistent @s 0
Process finished, return code=0
stdout=847286038
stderr=
Enabling persistent keyring CCACHE
Writing Kerberos configuration to /tmp/tmphduV0V:
#File modified by ipa-client-install
includedir /etc/krb5.conf.d/
includedir /var/lib/sss/pubconf/krb5.include.d/
[libdefaults]
default_realm = STESTRELM.TEST
dns_lookup_realm = false
dns_lookup_kdc = false
rdns = false
ticket_lifetime = 24h
forwardable = true
udp_preference_limit = 0
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
STESTRELM.TEST = {
kdc = server68.stestrelm.test:88
master_kdc = server68.stestrelm.test:88
admin_server = server68.stestrelm.test:749
kpasswd_server = server68.stestrelm.test:464
default_domain = stestrelm.test
pkinit_anchors = FILE:/etc/ipa/ca.crt
}
[domain_realm]
.stestrelm.test = STESTRELM.TEST
stestrelm.test = STESTRELM.TEST
73client.stestrelm.test = STESTRELM.TEST
Password for admin:
Initializing principal admin using password
Starting external process
args=/usr/bin/kinit admin -c /tmp/krbccBQOMtv/ccache
Process finished, return code=0
stdout=Password for admin:
stderr=
trying to retrieve CA cert via LDAP from server68.stestrelm.test
flushing ldap://server68.stestrelm.test:389 from SchemaCache
retrieving schema for SchemaCache url=ldap://server68.stestrelm.test:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x2a87ab8>
Successfully retrieved CA cert
Subject: CN=Certificate Authority,O=STESTRELM.TEST
Issuer: CN=Certificate Authority,O=STESTRELM.TEST
Valid From: Fri Sep 16 10:41:44 2016 UTC
Valid Until: Tue Sep 16 10:41:44 2036 UTC
Starting external process
args=/usr/sbin/ipa-join -s server68.stestrelm.test -b dc=stestrelm,dc=test -h 73client.stestrelm.test -d
Process finished, return code=0
stdout=
stderr=XML-RPC CALL:
<?xml version="1.0" encoding="UTF-8"?>\r\n
<methodCall>\r\n
<methodName>join</methodName>\r\n
<params>\r\n
<param><value><array><data>\r\n
<value><string>73client.stestrelm.test</string></value>\r\n
</data></array></value></param>\r\n
<param><value><struct>\r\n
<member><name>nsosversion</name>\r\n
<value><string>3.10.0-505.el7.x86_64</string></value></member>\r\n
<member><name>nshardwareplatform</name>\r\n
<value><string>x86_64</string></value></member>\r\n
</struct></value></param>\r\n
</params>\r\n
</methodCall>\r\n
* About to connect() to server68.stestrelm.test port 443 (#0)
* Trying 10.16.98.186...
* Connected to server68.stestrelm.test (10.16.98.186) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/ipa/ca.crt
CApath: none
* SSL connection using TLS_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* subject: CN=server68.stestrelm.test,O=STESTRELM.TEST
* start date: Sep 16 10:47:52 2016 GMT
* expire date: Sep 17 10:47:52 2018 GMT
* common name: server68.stestrelm.test
* issuer: CN=Certificate Authority,O=STESTRELM.TEST
> POST /ipa/xml HTTP/1.1
Host: server68.stestrelm.test
Accept: */*
Content-Type: text/xml
User-Agent: ipa-join/4.4.0
Referer: https://server68.stestrelm.test/ipa/xml
X-Original-User-Agent: Xmlrpc-c/1.32.5 Curl/7.29.0
Content-Length: 479
* upload completely sent off: 479 out of 479 bytes
< HTTP/1.1 401 Authorization Required
< Date: Fri, 16 Sep 2016 10:52:29 GMT
< Server: Apache/2.2.15 (Red Hat)
< WWW-Authenticate: Negotiate
< Last-Modified: Tue, 12 Apr 2016 15:04:53 GMT
< ETag: "22179f-55a-5304afbc10f40"
< Accept-Ranges: bytes
< Content-Length: 1370
< Connection: close
< Content-Type: text/html; charset=UTF-8
<
* Closing connection 0
* Issue another request to this URL: 'https://server68.stestrelm.test:443/ipa/xml'
* About to connect() to server68.stestrelm.test port 443 (#1)
* Trying 10.16.98.186...
* Connected to server68.stestrelm.test (10.16.98.186) port 443 (#1)
* CAfile: /etc/ipa/ca.crt
CApath: none
* SSL connection using TLS_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* subject: CN=server68.stestrelm.test,O=STESTRELM.TEST
* start date: Sep 16 10:47:52 2016 GMT
* expire date: Sep 17 10:47:52 2018 GMT
* common name: server68.stestrelm.test
* issuer: CN=Certificate Authority,O=STESTRELM.TEST
* Server auth using GSS-Negotiate with user ''
> POST /ipa/xml HTTP/1.1
Authorization: Negotiate YIIFHwYJKoZIhvcSAQICAQBuggUOMIIFCqADAgEFoQMCAQ6iBwMFACAAAACjggFmYYIBYjCCAV6gAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIqMCigAwIBA6EhMB8bBEhUVFAbF3NlcnZlcjY4LnN0ZXN0cmVsbS50ZXN0o4IBFzCCAROgAwIBEqEDAgECooIBBQSCAQHWSoF6l4h+YS00QLEZ08UX6GZvOi4yKh27Hk64o+qMbCKaUf2VgvIpqBtV2t4lvnX99fwzsGo+0W5iuVokqjzPc18i1Acpw6490/XtP0kM2MtHNzEbUm38zxT5ZX6JyOkY1aawzJK8yIF1JvUedlS7sWdq4uxwZtGv9du7L8N8rM4hBviJaiiBKFasy0GqEZvAI2ciHCVwTqbql4yKVo1OamBvBGgEZtashYNK4zJMPNza5EbQPopBzTvI3R8jPRN8s3vLOMM8LXzwmLU1VCNSafeMoLipcz8a+f7/wU/QJk5h5hC+2QEk3qZIXlh/2SUH1ZlXGWWJvTNNiR0zZiBXGqSCA4kwggOFoAMCARKiggN8BIIDeBLu0XDjUZZDBpQt7ZNHf1eusLxmWKDbfpBhtHoiDYgO+teIvWHfm06qi2CgK2qrgftJEoKJUyxYbHbtH3/aCVNnBw1GYjG8hIAbd6Y2LHJzIqLnunxutjrFYm/909Etm1ReQFQuVAZ8VnPQ7grkVU+DRQWYkvw6571X8rPDbvedJtfdQgNW1YlF+L2p13xFDlbiZIWMqLHf2KypadR0Z2nL1+/ot7t4SKXubXnedjz40kasCZxWRelT5e88vydCrUSvfsclJibyCelFgUHeTROJ5Z7EZBuhpZhMjZiYidM7NX6ktyeD5FxliZvyTcxAxTAD+nqBpuyWsrgH83gOhqmV4BdYeTXi94sGKeJB66WM/xkn2b5gg7mr0WfxUrzL+C215ExhOiYMdMgjgLOM/hnRUHiN5rF7vP3HzBgA8q/Y865zWf8cQPcfUcLhR5rJ9cQ39UE3V023Wd7TJYWwqVuACFeb4y+d/9tD8YwM1c/mNt5r8JC572XYa3g6YXxho7u9PinEwaolKMlyisLV7pbKNuigLz22Akv+D2o7NmTJFjNx2chrp0jpWxUuG45ZlBRithKwLpmZB79UfUucsBGOFLDmstzeWc9UhK0iBWyt2BWedK+wx2575VKiw7CVetF3sMnA6c0hHyL+q5AZSy6CbEUQznj823szQig6fWioXe+4eC6/3OpLh/McZYGuWUe/cgA2RDfN8gp+U0mymXmQA1q7ihwjF1AjS9MC3cKX7utEQn9D+CeKUazF/DTKVzWbD8B0Qcx/fo16mEHJlhoLcQUmrBvMedDQApWoAeWMcAjkG6bIJr6fpXrpv8zPCCYCVw43thzY7ipmvBBmiG9CezUcA66LQD0O7Pr5QYskE9BDGXc9YFPpvn0Gc5/BdfkMHsg6tT+OUVjVXzbZ4tnSpUX5Fw91+jzaslwUWuEYFabGDllgj9YikPuT77FoG5+/7h9bg9QQFkZzJvNoyqeUcDY3pLDgHCqIyAz7taUndI7g0ydbTQz4/8Aw63GEaMfcLLHZjcx7zk1IxS4jkQcUMgj/Kapu+X4qcJSv830TlWKJxGlGU65tOm/4BgJH/5NlJ/kB46ZoBRW65pQjMbfUDzhp2amuhAZMorjGMZMX6Syn9lUp6RlpbKzCtiMs7CumhKQorOBKvBhkouEw+hBqiRHTj2PrvA==
Host: server68.stestrelm.test
Accept: */*
Content-Type: text/xml
User-Agent: ipa-join/4.4.0
Referer: https://server68.stestrelm.test/ipa/xml
X-Original-User-Agent: Xmlrpc-c/1.32.5 Curl/7.29.0
Content-Length: 479
* upload completely sent off: 479 out of 479 bytes
< HTTP/1.1 200 Success
< Date: Fri, 16 Sep 2016 10:52:29 GMT
< Server: Apache/2.2.15 (Red Hat)
< WWW-Authenticate: Negotiate YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKicQRv2wTtI4iDyc12eAfElT7BqjPkeiK5v1G7khA4ADJga81tnDcaQ2Vw9XMa4VP+0Fvy771BirFKYkMn68M4fCl+NR7aJ7DodzZf3nmrbVZN/tmBPz5FU40RJyFil2Q5G1AX37SpZt717jyCIvoAaaXa
* Added cookie ipa_session="b3d84d36fb7ba1c3f267c8d6b6d2782f" for domain server68.stestrelm.test, path /ipa, expire 1474024349
< Set-Cookie: ipa_session=b3d84d36fb7ba1c3f267c8d6b6d2782f; Domain=server68.stestrelm.test; Path=/ipa; Expires=Fri, 16 Sep 2016 11:12:29 GMT; Secure; HttpOnly
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: text/xml; charset=utf-8
<
* Closing connection 1
XML-RPC RESPONSE:
<?xml version='1.0' encoding='UTF-8'?>\n
<methodResponse>\n
<params>\n
<param>\n
<value><array><data>\n
<value><string>fqdn=73client.stestrelm.test,cn=computers,cn=accounts,dc=stestrelm,dc=test</string></value>\n
<value><struct>\n
<member>\n
<name>dn</name>\n
<value><string>fqdn=73client.stestrelm.test,cn=computers,cn=accounts,dc=stestrelm,dc=test</string></value>\n
</member>\n
<member>\n
<name>ipacertificatesubjectbase</name>\n
<value><array><data>\n
<value><string>O=STESTRELM.TEST</string></value>\n
</data></array></value>\n
</member>\n
<member>\n
<name>has_keytab</name>\n
<value><boolean>0</boolean></value>\n
</member>\n
<member>\n
<name>objectclass</name>\n
<value><array><data>\n
<value><string>ipaobject</string></value>\n
<value><string>nshost</string></value>\n
<value><string>ipahost</string></value>\n
<value><string>pkiuser</string></value>\n
<value><string>ipaservice</string></value>\n
<value><string>krbprincipalaux</string></value>\n
<value><string>krbprincipal</string></value>\n
<value><string>ieee802device</string></value>\n
<value><string>ipasshhost</string></value>\n
<value><string>top</string></value>\n
<value><string>ipaSshGroupOfPubKeys</string></value>\n
</data></array></value>\n
</member>\n
<member>\n
<name>fqdn</name>\n
<value><array><data>\n
<value><string>73client.stestrelm.test</string></value>\n
</data></array></value>\n
</member>\n
<member>\n
<name>has_password</name>\n
<value><boolean>0</boolean></value>\n
</member>\n
<member>\n
<name>ipauniqueid</name>\n
<value><array><data>\n
<value><string>a9c278e8-7bfb-11e6-8869-021016980186</string></value>\n
</data></array></value>\n
</member>\n
<member>\n
<name>krbprincipalname</name>\n
<value><array><data>\n
<value><string>host/73client.stestrelm.test</string></value>\n
</data></array></value>\n
</member>\n
<member>\n
<name>managedby_host</name>\n
<value><array><data>\n
<value><string>73client.stestrelm.test</string></value>\n
</data></array></value>\n
</member>\n
</struct></value>\n
</data></array></value>\n
</param>\n
</params>\n
</methodResponse>\n
Failed to parse result: unsupported extended operation
Retrying with pre-4.0 keytab retrieval method...
Failed to retrieve encryption type Camellia-128 CTS mode with CMAC (#25)
Failed to retrieve encryption type Camellia-256 CTS mode with CMAC (#26)
Keytab successfully retrieved and stored in: /etc/krb5.keytab
Certificate subject base is: O=STESTRELM.TEST
Enrolled in IPA realm STESTRELM.TEST
Starting external process
args=kdestroy
Process finished, return code=0
stdout=
stderr=
Initializing principal host/73client.stestrelm.test using keytab /etc/krb5.keytab
using ccache /etc/ipa/.dns_ccache
Attempt 1/5: success
Backing up system configuration file '/etc/ipa/default.conf'
-> Not backing up - '/etc/ipa/default.conf' doesn't exist
Created /etc/ipa/default.conf
Backing up system configuration file '/etc/sssd/sssd.conf'
-> Not backing up - '/etc/sssd/sssd.conf' doesn't exist
New SSSD config will be created
Backing up system configuration file '/etc/nsswitch.conf'
Saving Index File to '/var/lib/ipa-client/sysrestore/sysrestore.index'
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Backing up system configuration file '/etc/krb5.conf'
Saving Index File to '/var/lib/ipa-client/sysrestore/sysrestore.index'
Starting external process
args=keyctl get_persistent @s 0
Process finished, return code=0
stdout=847286038
stderr=
Enabling persistent keyring CCACHE
Writing Kerberos configuration to /etc/krb5.conf:
#File modified by ipa-client-install
includedir /etc/krb5.conf.d/
includedir /var/lib/sss/pubconf/krb5.include.d/
[libdefaults]
default_realm = STESTRELM.TEST
dns_lookup_realm = false
dns_lookup_kdc = false
rdns = false
ticket_lifetime = 24h
forwardable = true
udp_preference_limit = 0
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
STESTRELM.TEST = {
kdc = server68.stestrelm.test:88
master_kdc = server68.stestrelm.test:88
admin_server = server68.stestrelm.test:749
kpasswd_server = server68.stestrelm.test:464
default_domain = stestrelm.test
pkinit_anchors = FILE:/etc/ipa/ca.crt
}
[domain_realm]
.stestrelm.test = STESTRELM.TEST
stestrelm.test = STESTRELM.TEST
73client.stestrelm.test = STESTRELM.TEST
Configured /etc/krb5.conf for IPA realm STESTRELM.TEST
Starting external process
args=keyctl search @s user ipa_session_cookie:host/73client.stestrelm.test
Process finished, return code=0
stdout=614752947
stderr=
Starting external process
args=keyctl unlink 614752947 @s
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/usr/bin/certutil -d /tmp/tmpy2Cdxo -N -f /tmp/tmprVlkyM
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/usr/bin/certutil -d /tmp/tmpy2Cdxo -A -n CA certificate 1 -t C,,
Process finished, return code=0
stdout=
stderr=
Starting external process
args=keyctl search @s user ipa_session_cookie:host/73client.stestrelm.test
Process finished, return code=1
stdout=
stderr=keyctl_search: Required key not available
failed to find session_cookie in persistent storage for principal 'host/73client.stestrelm.test'
trying https://server68.stestrelm.test/ipa/json
Created connection context.rpcclient_48226128
Forwarding 'schema' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Forwarding 'env' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Forwarding 'ping' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Destroyed connection context.rpcclient_48226128
importing all plugin modules in ipaclient.remote_plugins.2_49...
importing plugin module ipaclient.remote_plugins.2_49.aci
importing plugin module ipaclient.remote_plugins.2_49.automember
importing plugin module ipaclient.remote_plugins.2_49.automount
importing plugin module ipaclient.remote_plugins.2_49.batch
importing plugin module ipaclient.remote_plugins.2_49.cert
importing plugin module ipaclient.remote_plugins.2_49.config
importing plugin module ipaclient.remote_plugins.2_49.delegation
importing plugin module ipaclient.remote_plugins.2_49.dns
importing plugin module ipaclient.remote_plugins.2_49.entitle
importing plugin module ipaclient.remote_plugins.2_49.group
importing plugin module ipaclient.remote_plugins.2_49.hbacrule
importing plugin module ipaclient.remote_plugins.2_49.hbacsvc
importing plugin module ipaclient.remote_plugins.2_49.hbacsvcgroup
importing plugin module ipaclient.remote_plugins.2_49.hbactest
importing plugin module ipaclient.remote_plugins.2_49.host
importing plugin module ipaclient.remote_plugins.2_49.hostgroup
importing plugin module ipaclient.remote_plugins.2_49.idrange
importing plugin module ipaclient.remote_plugins.2_49.internal
importing plugin module ipaclient.remote_plugins.2_49.join
importing plugin module ipaclient.remote_plugins.2_49.krbtpolicy
importing plugin module ipaclient.remote_plugins.2_49.migration
importing plugin module ipaclient.remote_plugins.2_49.misc
importing plugin module ipaclient.remote_plugins.2_49.netgroup
importing plugin module ipaclient.remote_plugins.2_49.passwd
importing plugin module ipaclient.remote_plugins.2_49.permission
importing plugin module ipaclient.remote_plugins.2_49.ping
importing plugin module ipaclient.remote_plugins.2_49.pkinit
importing plugin module ipaclient.remote_plugins.2_49.privilege
importing plugin module ipaclient.remote_plugins.2_49.pwpolicy
importing plugin module ipaclient.remote_plugins.2_49.role
importing plugin module ipaclient.remote_plugins.2_49.selfservice
importing plugin module ipaclient.remote_plugins.2_49.selinuxusermap
importing plugin module ipaclient.remote_plugins.2_49.service
importing plugin module ipaclient.remote_plugins.2_49.session
importing plugin module ipaclient.remote_plugins.2_49.sudocmd
importing plugin module ipaclient.remote_plugins.2_49.sudocmdgroup
importing plugin module ipaclient.remote_plugins.2_49.sudorule
importing plugin module ipaclient.remote_plugins.2_49.trust
importing plugin module ipaclient.remote_plugins.2_49.user
importing all plugin modules in ipaclient.plugins...
importing plugin module ipaclient.plugins.automember
importing plugin module ipaclient.plugins.automount
importing plugin module ipaclient.plugins.cert
importing plugin module ipaclient.plugins.certprofile
importing plugin module ipaclient.plugins.dns
importing plugin module ipaclient.plugins.hbacrule
importing plugin module ipaclient.plugins.hbactest
importing plugin module ipaclient.plugins.host
importing plugin module ipaclient.plugins.idrange
importing plugin module ipaclient.plugins.internal
importing plugin module ipaclient.plugins.location
importing plugin module ipaclient.plugins.migration
importing plugin module ipaclient.plugins.misc
importing plugin module ipaclient.plugins.otptoken
importing plugin module ipaclient.plugins.otptoken_yubikey
importing plugin module ipaclient.plugins.passwd
importing plugin module ipaclient.plugins.permission
importing plugin module ipaclient.plugins.rpcclient
importing plugin module ipaclient.plugins.server
importing plugin module ipaclient.plugins.service
importing plugin module ipaclient.plugins.sudorule
importing plugin module ipaclient.plugins.topology
importing plugin module ipaclient.plugins.trust
importing plugin module ipaclient.plugins.user
importing plugin module ipaclient.plugins.vault
Starting external process
args=keyctl search @s user ipa_session_cookie:host/73client.stestrelm.test
Process finished, return code=1
stdout=
stderr=keyctl_search: Required key not available
failed to find session_cookie in persistent storage for principal 'host/73client.stestrelm.test'
trying https://server68.stestrelm.test/ipa/json
Created connection context.rpcclient_71253392
Try RPC connection
Forwarding 'ping' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Forwarding 'ca_is_enabled' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Forwarding 'env' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Starting external process
args=/usr/bin/certutil -d /etc/ipa/nssdb -N -f /etc/ipa/nssdb/pwdfile.txt
Process finished, return code=0
stdout=
stderr=
flushing ldap://server68.stestrelm.test:389 from SchemaCache
retrieving schema for SchemaCache url=ldap://server68.stestrelm.test:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x4b27128>
Adding CA certificates to the IPA NSS database.
Starting external process
args=/usr/bin/certutil -d /etc/ipa/nssdb -A -n STESTRELM.TEST IPA CA -t CT,C,C
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/usr/bin/update-ca-trust
Process finished, return code=0
stdout=
stderr=
Systemwide CA database updated.
The DNS query name does not exist: 73client.stestrelm.test.
Hostname (73client.stestrelm.test) does not have A/AAAA record.
Writing nsupdate commands to /etc/ipa/.dns_update.txt:
debug
update delete 73client.stestrelm.test. IN A
show
send
update delete 73client.stestrelm.test. IN AAAA
show
send
update add 73client.stestrelm.test. 1200 IN A 10.19.34.84
show
send
update add 73client.stestrelm.test. 1200 IN AAAA 2620:52:0:1322:221:5eff:fe20:1082
show
send
Starting external process
args=/usr/bin/nsupdate -g /etc/ipa/.dns_update.txt
Process finished, return code=0
stdout=Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
73client.stestrelm.test. 0 ANY A
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7877
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1958284418.sig-server68.stestrelm.test. ANY TKEY
;; ADDITIONAL SECTION:
1958284418.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023153 1474023153 3 NOERROR 665 YIIClQYJKoZIhvcSAQICAQBuggKEMIICgKADAgEFoQMCAQ6iBwMFACAA AACjggF9YYIBeTCCAXWgAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIpMCeg AwIBA6EgMB4bA0ROUxsXc2VydmVyNjguc3Rlc3RyZWxtLnRlc3SjggEv MIIBK6ADAgESoQMCAQKiggEdBIIBGdqFssCbSbxcxJ1Novl6Q4I17KTl 9Vsc2VOUPN1YkCKZqYarGeQpRM7ZTUlK0CndOsFkgLvob8Cvsf2XR8Ak PL/Jd79Iugitzux9mm4sfgfnR/lEwXTMgyu3awenomhfYleSHALnWQTa udSxbvUInxbz1rzKsH7j3YZ11UrLm04CLJLDyX5ABYMC+Mc+5x8SsvY0 /ebifI2fs791oiWCNql1F714R4W4AkiHRdmj6dlrLvoVV6yVG1CWBs/9 bZIQI45pI5kTSPW8P7D7BLvEYDlk9/g6hACFjOJQr7T2qsquEgizwK1H 2fNrkGAKLZbUYItwZyAPNCZ1LQeB8zCWTn2fueZw38/UFMI7K5p9kFdG Lzi6VQv11+NppIHpMIHmoAMCARKigd4Egdu/yUFCqatKNmFUSz1KNqqr nfWF1m36xrsH0VQ/GMhHHz++Ui+mbK7DDYyAhS7AoFBfyzgpgC7zS8bB ffccnmc1zxEeXTLV7ZRXp8hKAzD6hDAkvhxOXq6i8Wci9KFFzQ9iTWy5 pEZMdsaHEqf7HT4uAt/HwFvMIrpSVafOvaJYcCbGIn0ermhAwWhsr8wT WP6XWgLZAB6SW/J3iCXH2o7TDIZmuRWFzp6U0FPJywDGvYK4sMq+Nkri XjpB0yzsUCFa3CDUx0X9VBEgXENoP5oDKMzqPE8b+P0zqQY= 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 7963
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
73client.stestrelm.test. 0 ANY A
;; TSIG PSEUDOSECTION:
1958284418.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023153 300 28 BAQE//////8AAAAANkysz6dDWFzq/jcmiDIu7Q== 7963 NOERROR 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
73client.stestrelm.test. 0 ANY AAAA
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55557
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;2949027940.sig-server68.stestrelm.test. ANY TKEY
;; ADDITIONAL SECTION:
2949027940.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023153 1474023153 3 NOERROR 665 YIIClQYJKoZIhvcSAQICAQBuggKEMIICgKADAgEFoQMCAQ6iBwMFACAA AACjggF9YYIBeTCCAXWgAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIpMCeg AwIBA6EgMB4bA0ROUxsXc2VydmVyNjguc3Rlc3RyZWxtLnRlc3SjggEv MIIBK6ADAgESoQMCAQKiggEdBIIBGdqFssCbSbxcxJ1Novl6Q4I17KTl 9Vsc2VOUPN1YkCKZqYarGeQpRM7ZTUlK0CndOsFkgLvob8Cvsf2XR8Ak PL/Jd79Iugitzux9mm4sfgfnR/lEwXTMgyu3awenomhfYleSHALnWQTa udSxbvUInxbz1rzKsH7j3YZ11UrLm04CLJLDyX5ABYMC+Mc+5x8SsvY0 /ebifI2fs791oiWCNql1F714R4W4AkiHRdmj6dlrLvoVV6yVG1CWBs/9 bZIQI45pI5kTSPW8P7D7BLvEYDlk9/g6hACFjOJQr7T2qsquEgizwK1H 2fNrkGAKLZbUYItwZyAPNCZ1LQeB8zCWTn2fueZw38/UFMI7K5p9kFdG Lzi6VQv11+NppIHpMIHmoAMCARKigd4Egdva/QHm3o2xkL/gQ4ewWt+e fmBMGQQnD+8jONSpCC1ABzeggoV7BUP/FpIRjuE4oq4uoZr+RgnY4+8s xXplqEmPxIEhczPHCSFGzp7QbxMI3bmOkpwVHE+zYiMWVqUXpND03YDP WorY8FKwkdIFEnKJ/Kcg9/GnNsXeJipPTpxs3PPfA+bc0ygUrQtf1hZE 50hNm9iYkH6s9AZp10mwv1EGwqQalBPzAcyTUbLMVwrF06E3XFX100q+ 0oCI+xEHNbL/WWi0Q85Rd0W7LOhTzXdV6fo+OMiZx/DVgg4= 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 19235
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
73client.stestrelm.test. 0 ANY AAAA
;; TSIG PSEUDOSECTION:
2949027940.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023153 300 28 BAQE//////8AAAAACsDLxOX4SlhzCYLsQL9qqQ== 19235 NOERROR 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
73client.stestrelm.test. 1200 IN A 10.19.34.84
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5649
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1236734906.sig-server68.stestrelm.test. ANY TKEY
;; ADDITIONAL SECTION:
1236734906.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023153 1474023153 3 NOERROR 665 YIIClQYJKoZIhvcSAQICAQBuggKEMIICgKADAgEFoQMCAQ6iBwMFACAA AACjggF9YYIBeTCCAXWgAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIpMCeg AwIBA6EgMB4bA0ROUxsXc2VydmVyNjguc3Rlc3RyZWxtLnRlc3SjggEv MIIBK6ADAgESoQMCAQKiggEdBIIBGdqFssCbSbxcxJ1Novl6Q4I17KTl 9Vsc2VOUPN1YkCKZqYarGeQpRM7ZTUlK0CndOsFkgLvob8Cvsf2XR8Ak PL/Jd79Iugitzux9mm4sfgfnR/lEwXTMgyu3awenomhfYleSHALnWQTa udSxbvUInxbz1rzKsH7j3YZ11UrLm04CLJLDyX5ABYMC+Mc+5x8SsvY0 /ebifI2fs791oiWCNql1F714R4W4AkiHRdmj6dlrLvoVV6yVG1CWBs/9 bZIQI45pI5kTSPW8P7D7BLvEYDlk9/g6hACFjOJQr7T2qsquEgizwK1H 2fNrkGAKLZbUYItwZyAPNCZ1LQeB8zCWTn2fueZw38/UFMI7K5p9kFdG Lzi6VQv11+NppIHpMIHmoAMCARKigd4EgdtCAxGiaaYlL1Ds44w3Ehu4 Kt3NgjRAgmJyXIFLFgl822eJFoCJ1nwFYH/1BRJ5wLAnX0viMJtWT2lL 5kzm4ozX3e0HtDkVEcoQPjhWLAloZ9JYcgW52wdMBGQgVl1khmKEHIjG U06QpE+suozipJCc+taUdysJuVmdgiEtR1IvDFTGKz+otnvuFAZ+BEiq 73LkGwcfzOm/+BFQLwE+Nlh8KpeW+1BjgJ8D1HFHdR+n8On+J43ar2Fh 8oLY228rALagz1UVffqW3sv3n7lsGSCvC7f7iIWrDSwFdUM= 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 63882
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
73client.stestrelm.test. 1200 IN A 10.19.34.84
;; TSIG PSEUDOSECTION:
1236734906.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023153 300 28 BAQE//////8AAAAAD1RsjUSOphpVo6eL/GtSOA== 63882 NOERROR 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
73client.stestrelm.test. 1200 IN AAAA 2620:52:0:1322:221:5eff:fe20:1082
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52943
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1013301938.sig-server68.stestrelm.test. ANY TKEY
;; ADDITIONAL SECTION:
1013301938.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474023154 3 NOERROR 665 YIIClQYJKoZIhvcSAQICAQBuggKEMIICgKADAgEFoQMCAQ6iBwMFACAA AACjggF9YYIBeTCCAXWgAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIpMCeg AwIBA6EgMB4bA0ROUxsXc2VydmVyNjguc3Rlc3RyZWxtLnRlc3SjggEv MIIBK6ADAgESoQMCAQKiggEdBIIBGdqFssCbSbxcxJ1Novl6Q4I17KTl 9Vsc2VOUPN1YkCKZqYarGeQpRM7ZTUlK0CndOsFkgLvob8Cvsf2XR8Ak PL/Jd79Iugitzux9mm4sfgfnR/lEwXTMgyu3awenomhfYleSHALnWQTa udSxbvUInxbz1rzKsH7j3YZ11UrLm04CLJLDyX5ABYMC+Mc+5x8SsvY0 /ebifI2fs791oiWCNql1F714R4W4AkiHRdmj6dlrLvoVV6yVG1CWBs/9 bZIQI45pI5kTSPW8P7D7BLvEYDlk9/g6hACFjOJQr7T2qsquEgizwK1H 2fNrkGAKLZbUYItwZyAPNCZ1LQeB8zCWTn2fueZw38/UFMI7K5p9kFdG Lzi6VQv11+NppIHpMIHmoAMCARKigd4Egdu3ul8HxjlnL633NOCKH3hW Xt+vAKwkALfMlvZ2hrO9ZgrfBqZ8VlXT0f8ZLdByvbGP8gYKTw5QbVou PZjU4vFBuSjZ2w5lOrHPYZBqIKIvC4VDrGpZ0P2urHwQe/F9sZNkv/Kr o2Nk7FWzD9ky3rAvFdKHYYyW2HHSlCLHD+cb/kVMJLY/u6oDo869iaxj A/VIUYtqiDPt9zSyzmT4PKd1inF/TQd0Me043mENuz2nL4q+OEopXWSv eenFvJxjsJFrhV+zp/k9+NIB8V30HsbKuxfO188gTk6JjJ0= 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 52194
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
73client.stestrelm.test. 1200 IN AAAA 2620:52:0:1322:221:5eff:fe20:1082
;; TSIG PSEUDOSECTION:
1013301938.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQE//////8AAAAAK7dH4WoU5euC4zuCCjwE8Q== 52194 NOERROR 0
stderr=Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48750
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;73client.stestrelm.test. IN SOA
;; AUTHORITY SECTION:
stestrelm.test. 0 IN SOA server68.stestrelm.test. hostmaster.stestrelm.test. 1474023035 3600 900 1209600 3600
Found zone name: stestrelm.test
The master is: server68.stestrelm.test
start_gssrequest
send_gssrequest
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7877
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1958284418.sig-server68.stestrelm.test. ANY TKEY
;; ANSWER SECTION:
1958284418.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023153 1474026753 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvCqhcytOsaJTO8WxfmUCdZ7hmxbuq7J5GiV0YRb//igJwkwvGzPUb X2bTgqpMyYHA7loyCTuQDFkk9w+yl91P0qLmTR844Y4v0vrW5u1N9Ndv R3mDmZ/hkqQchVyMgi2np7nikGW+sfMVsqbRZ9CU 0
Sending update to 10.16.98.186#53
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 7963
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;stestrelm.test. IN SOA
;; TSIG PSEUDOSECTION:
1958284418.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023153 300 28 BAQF//////8AAAAAJUjxzx+2utuesA+HALQjLg== 7963 NOERROR 0
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56775
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;73client.stestrelm.test. IN SOA
;; AUTHORITY SECTION:
stestrelm.test. 0 IN SOA server68.stestrelm.test. hostmaster.stestrelm.test. 1474023035 3600 900 1209600 3600
Found zone name: stestrelm.test
The master is: server68.stestrelm.test
start_gssrequest
send_gssrequest
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55557
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;2949027940.sig-server68.stestrelm.test. ANY TKEY
;; ANSWER SECTION:
2949027940.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474026754 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvnVPFqNlyTias7m20CUYOgePySQ/d2DNnqPlNTj/Oi7CDvr6XzKsk VckQFkgQjpUXr8jpciZJCGe8JeKMUOPz5i+2HLcHdkNoYxDXzAY8EJxo vCBU7QuRJGSjg6i+qGbIIi5Vo695VWAscEmnXmHV 0
Sending update to 10.16.98.186#53
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 19235
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;stestrelm.test. IN SOA
;; TSIG PSEUDOSECTION:
2949027940.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQF//////8AAAAAL5I+mtW3Tkv6J+i1LTyuUQ== 19235 NOERROR 0
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24317
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;73client.stestrelm.test. IN SOA
;; AUTHORITY SECTION:
stestrelm.test. 0 IN SOA server68.stestrelm.test. hostmaster.stestrelm.test. 1474023035 3600 900 1209600 3600
Found zone name: stestrelm.test
The master is: server68.stestrelm.test
start_gssrequest
send_gssrequest
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5649
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1236734906.sig-server68.stestrelm.test. ANY TKEY
;; ANSWER SECTION:
1236734906.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474026754 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvoJUHfmSS7AhObEm3OpNsjxBA44NUoXkzWxpzXc8wEEK2SzIr2/oC vKiR/20rls4Rt1ORlSvovtSKPFCzfepgfNc6gBeBXBGkAj460X14Xsc3 4C4lR0hsRo59+4Mm+sYqeB15IaYhpT3HkgT4sAmx 0
Sending update to 10.16.98.186#53
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 63882
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;stestrelm.test. IN SOA
;; TSIG PSEUDOSECTION:
1236734906.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQF//////8AAAAANDqoWEUJaQT4t14n0upJwg== 63882 NOERROR 0
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61189
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;73client.stestrelm.test. IN SOA
;; AUTHORITY SECTION:
stestrelm.test. 3600 IN SOA server68.stestrelm.test. hostmaster.stestrelm.test. 1474023036 3600 900 1209600 3600
Found zone name: stestrelm.test
The master is: server68.stestrelm.test
start_gssrequest
send_gssrequest
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52943
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1013301938.sig-server68.stestrelm.test. ANY TKEY
;; ANSWER SECTION:
1013301938.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474026754 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvHllAsblzXGqQJ6HnxEaKeltG5cC8ieJI3ZCwIo7P4tpATRjF+lFo 1NYEL58SgJG1Ba8QbXBTUykABbXwbQ+O1Uh10nIOHc0noTC9DInpAQze ClYr8HUyx5uU5yi/n3e/CjwLjduMDRDNBpRZi1tj 0
Sending update to 10.16.98.186#53
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 52194
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;stestrelm.test. IN SOA
;; TSIG PSEUDOSECTION:
1013301938.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQF//////8AAAAAL9RuY6OMAp1tCzpz2LDj1w== 52194 NOERROR 0
DNS resolver: Query: 73client.stestrelm.test IN A
DNS resolver: Query: 73client.stestrelm.test IN AAAA
DNS resolver: Query: 84.34.19.10.in-addr.arpa. IN PTR
DNS resolver: Query: 2.8.0.1.0.2.e.f.f.f.e.5.1.2.2.0.2.2.3.1.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa. IN PTR
DNS resolver: No record.
Missing reverse record(s) for address(es): 2620:52:0:1322:221:5eff:fe20:1082.
Incorrect reverse record(s):
10.19.34.84 is pointing to qe-blade-14.idmqe.lab.eng.bos.redhat.com. instead of 73client.stestrelm.test.
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
Forwarding 'host_mod' to json server 'https://server68.stestrelm.test/ipa/json'
NSSConnection init server68.stestrelm.test
Connecting: 10.16.98.186:0
approved_usage = SSL Server intended_usage = SSL Server
cert valid True for "CN=server68.stestrelm.test,O=STESTRELM.TEST"
handshake complete, peer = 10.16.98.186:443
Protocol: TLS1.2
Cipher: TLS_RSA_WITH_AES_256_CBC_SHA
Writing nsupdate commands to /etc/ipa/.dns_update.txt:
debug
update delete 73client.stestrelm.test. IN SSHFP
show
send
update add 73client.stestrelm.test. 1200 IN SSHFP 1 1 E8F13C7AB5830DDD22272EBAB51D55E13200DC8E
update add 73client.stestrelm.test. 1200 IN SSHFP 1 2 2A13DD4AAA729EF3092E0F0123D6D5427DB49EFE4881DE7859809FFA89C14ACF
update add 73client.stestrelm.test. 1200 IN SSHFP 3 1 0A3AEED2513B25B539051DBCABD8AC5168517128
update add 73client.stestrelm.test. 1200 IN SSHFP 3 2 07662CCEA76BA85A2FD5A2AE35299BF6B3619FDA89819A691C7A0CC4A41B5A3D
update add 73client.stestrelm.test. 1200 IN SSHFP 4 1 EEF019D4A3A6B6FFE1A8C0A1048D9082F6AC7C96
update add 73client.stestrelm.test. 1200 IN SSHFP 4 2 7FDA52219C62BD1CF77507FBBB76EB05EBE96BC7B60442D4E08F49B42B791F35
show
send
Starting external process
args=/usr/bin/nsupdate -g /etc/ipa/.dns_update.txt
Process finished, return code=0
stdout=Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
73client.stestrelm.test. 0 ANY SSHFP
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42108
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1211186824.sig-server68.stestrelm.test. ANY TKEY
;; ADDITIONAL SECTION:
1211186824.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474023154 3 NOERROR 665 YIIClQYJKoZIhvcSAQICAQBuggKEMIICgKADAgEFoQMCAQ6iBwMFACAA AACjggF9YYIBeTCCAXWgAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIpMCeg AwIBA6EgMB4bA0ROUxsXc2VydmVyNjguc3Rlc3RyZWxtLnRlc3SjggEv MIIBK6ADAgESoQMCAQKiggEdBIIBGdqFssCbSbxcxJ1Novl6Q4I17KTl 9Vsc2VOUPN1YkCKZqYarGeQpRM7ZTUlK0CndOsFkgLvob8Cvsf2XR8Ak PL/Jd79Iugitzux9mm4sfgfnR/lEwXTMgyu3awenomhfYleSHALnWQTa udSxbvUInxbz1rzKsH7j3YZ11UrLm04CLJLDyX5ABYMC+Mc+5x8SsvY0 /ebifI2fs791oiWCNql1F714R4W4AkiHRdmj6dlrLvoVV6yVG1CWBs/9 bZIQI45pI5kTSPW8P7D7BLvEYDlk9/g6hACFjOJQr7T2qsquEgizwK1H 2fNrkGAKLZbUYItwZyAPNCZ1LQeB8zCWTn2fueZw38/UFMI7K5p9kFdG Lzi6VQv11+NppIHpMIHmoAMCARKigd4Egdvg9ycwqmpYCWE6KQ8LEBgc oR0LghCMbg8YZt8YI3OPt48EvUROoqEoUNopdhCN/R+IXMZuN0lkyCG/ sv0UtoEf/KV/iuVJNdIBM8RcPRr0VDx1DX0GHiYAFVQqM4A3CiV46fUF zHIJOqj/8ZF/N+IaaOZgcMUzGFBlCmVH0j6anPSBfLeA1NUmflOad/Zx W2nebpwF8TvkiSk0h3AVWsYEvOqBsMGkHy2sKcRycgICHIA/cvsZWuy+ i/KBJKLkR8+79gQqW/ZqGPGD6nbhBd/wacur29MWDJDKdMM= 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 22837
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
73client.stestrelm.test. 0 ANY SSHFP
;; TSIG PSEUDOSECTION:
1211186824.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQE//////8AAAAANYDinCrrBRSinVDWYLFz3A== 22837 NOERROR 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
73client.stestrelm.test. 1200 IN SSHFP 1 1 E8F13C7AB5830DDD22272EBAB51D55E13200DC8E
73client.stestrelm.test. 1200 IN SSHFP 1 2 2A13DD4AAA729EF3092E0F0123D6D5427DB49EFE4881DE7859809FFA 89C14ACF
73client.stestrelm.test. 1200 IN SSHFP 3 1 0A3AEED2513B25B539051DBCABD8AC5168517128
73client.stestrelm.test. 1200 IN SSHFP 3 2 07662CCEA76BA85A2FD5A2AE35299BF6B3619FDA89819A691C7A0CC4 A41B5A3D
73client.stestrelm.test. 1200 IN SSHFP 4 1 EEF019D4A3A6B6FFE1A8C0A1048D9082F6AC7C96
73client.stestrelm.test. 1200 IN SSHFP 4 2 7FDA52219C62BD1CF77507FBBB76EB05EBE96BC7B60442D4E08F49B4 2B791F35
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32679
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;2597784398.sig-server68.stestrelm.test. ANY TKEY
;; ADDITIONAL SECTION:
2597784398.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474023154 3 NOERROR 665 YIIClQYJKoZIhvcSAQICAQBuggKEMIICgKADAgEFoQMCAQ6iBwMFACAA AACjggF9YYIBeTCCAXWgAwIBBaEQGw5TVEVTVFJFTE0uVEVTVKIpMCeg AwIBA6EgMB4bA0ROUxsXc2VydmVyNjguc3Rlc3RyZWxtLnRlc3SjggEv MIIBK6ADAgESoQMCAQKiggEdBIIBGdqFssCbSbxcxJ1Novl6Q4I17KTl 9Vsc2VOUPN1YkCKZqYarGeQpRM7ZTUlK0CndOsFkgLvob8Cvsf2XR8Ak PL/Jd79Iugitzux9mm4sfgfnR/lEwXTMgyu3awenomhfYleSHALnWQTa udSxbvUInxbz1rzKsH7j3YZ11UrLm04CLJLDyX5ABYMC+Mc+5x8SsvY0 /ebifI2fs791oiWCNql1F714R4W4AkiHRdmj6dlrLvoVV6yVG1CWBs/9 bZIQI45pI5kTSPW8P7D7BLvEYDlk9/g6hACFjOJQr7T2qsquEgizwK1H 2fNrkGAKLZbUYItwZyAPNCZ1LQeB8zCWTn2fueZw38/UFMI7K5p9kFdG Lzi6VQv11+NppIHpMIHmoAMCARKigd4EgdtlthSBUQ4M2zuFzpOzhJJS 17d8oRiNdaNeRGctazcCAQ278p42YV3hci0MlcnKP2vMZmNBizufXtvL ljid8MH29PQxBhMorLYTCA/IoU1CXMy5YxL3arJW4H+sVNrNdCmQTqkC RzCzb3s4E5jznafMEJCdXZvv6HERFjREDK2J3tZR27HUS279VcdidF8J UdmWu8BEuyvWYCxMdcGIdefrgB5gEn6kVb6kikdxTHFbIaH+wUXvvHLp WR6ANlPVjS6hOAu4rYru7IcUtjGtbMObAQjTsnpxVImUeEc= 0
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 59419
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 6, ADDITIONAL: 1
;; UPDATE SECTION:
73client.stestrelm.test. 1200 IN SSHFP 1 1 E8F13C7AB5830DDD22272EBAB51D55E13200DC8E
73client.stestrelm.test. 1200 IN SSHFP 1 2 2A13DD4AAA729EF3092E0F0123D6D5427DB49EFE4881DE7859809FFA 89C14ACF
73client.stestrelm.test. 1200 IN SSHFP 3 1 0A3AEED2513B25B539051DBCABD8AC5168517128
73client.stestrelm.test. 1200 IN SSHFP 3 2 07662CCEA76BA85A2FD5A2AE35299BF6B3619FDA89819A691C7A0CC4 A41B5A3D
73client.stestrelm.test. 1200 IN SSHFP 4 1 EEF019D4A3A6B6FFE1A8C0A1048D9082F6AC7C96
73client.stestrelm.test. 1200 IN SSHFP 4 2 7FDA52219C62BD1CF77507FBBB76EB05EBE96BC7B60442D4E08F49B4 2B791F35
;; TSIG PSEUDOSECTION:
2597784398.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQE//////8AAAAACQJkNCTNy/EYkpqg7oxqFQ== 59419 NOERROR 0
stderr=Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55869
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;73client.stestrelm.test. IN SOA
;; AUTHORITY SECTION:
stestrelm.test. 3600 IN SOA server68.stestrelm.test. hostmaster.stestrelm.test. 1474023154 3600 900 1209600 3600
Found zone name: stestrelm.test
The master is: server68.stestrelm.test
start_gssrequest
send_gssrequest
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42108
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1211186824.sig-server68.stestrelm.test. ANY TKEY
;; ANSWER SECTION:
1211186824.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474026754 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvjAILQKjhakaltfqoYQ9T5GHoR0Qms+flesM25X0EFWLfd3JJW+ve P3YMSMczWAFHtqYQY+k2mAhJ/i9js1hTLDhwOdNLOvD3bhTg1Cqt0+9P Ebt4rZpkVAiqafXDawYfYKkCLHCDuJuVKN5YOw/H 0
Sending update to 10.16.98.186#53
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 22837
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;stestrelm.test. IN SOA
;; TSIG PSEUDOSECTION:
1211186824.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQF//////8AAAAAEpCNX/cUxbSD0linybI3cg== 22837 NOERROR 0
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49445
;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;73client.stestrelm.test. IN SOA
;; AUTHORITY SECTION:
stestrelm.test. 3600 IN SOA server68.stestrelm.test. hostmaster.stestrelm.test. 1474023154 3600 900 1209600 3600
Found zone name: stestrelm.test
The master is: server68.stestrelm.test
start_gssrequest
send_gssrequest
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32679
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;2597784398.sig-server68.stestrelm.test. ANY TKEY
;; ANSWER SECTION:
2597784398.sig-server68.stestrelm.test. 0 ANY TKEY gss-tsig. 1474023154 1474026754 3 NOERROR 156 YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKi cQRvvUVFeAkxRbCiMrMdpM3hb0jLCFcd0Iv/1SEZAn2fpr791Kteonmq osyOVQwvPOpWlzHmTF1pFgymxntAfp6tVOlmibSaZLQ/QqfbGHB6i2AQ a0LAQV66raDOerJIBI2xh6LQFPNC39ZoR8zJzltg 0
Sending update to 10.16.98.186#53
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 59419
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; ZONE SECTION:
;stestrelm.test. IN SOA
;; TSIG PSEUDOSECTION:
2597784398.sig-server68.stestrelm.test. 0 ANY TSIG gss-tsig. 1474023154 300 28 BAQF//////8AAAAADlzzBCnzszje45VRNY9GSA== 59419 NOERROR 0
Starting external process
args=/bin/systemctl list-unit-files --full
Process finished, return code=0
stdout=UNIT FILE STATE
proc-sys-fs-binfmt_misc.automount static
.
.
systemd-tmpfiles-clean.timer static
285 unit files listed.
stderr=
Starting external process
args=/bin/systemctl list-unit-files --full
Process finished, return code=0
stdout=UNIT FILE STATE
proc-sys-fs-binfmt_misc.automount static
.
.
systemd-tmpfiles-clean.timer static
285 unit files listed.
stderr=
Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
Saving StateFile to '/var/lib/ipa-client/sysrestore/sysrestore.state'
Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
Saving StateFile to '/var/lib/ipa-client/sysrestore/sysrestore.state'
Starting external process
args=/usr/sbin/authconfig --enablesssdauth --update --enablesssd
Process finished, return code=0
stdout=
stderr=
SSSD enabled
Starting external process
args=/bin/systemctl restart sssd.service
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/bin/systemctl is-active sssd.service
Process finished, return code=0
stdout=active
stderr=
Starting external process
args=/bin/systemctl enable sssd.service
Process finished, return code=0
stdout=
stderr=
Backing up system configuration file '/etc/openldap/ldap.conf'
Saving Index File to '/var/lib/ipa-client/sysrestore/sysrestore.index'
Configured /etc/openldap/ldap.conf
Starting external process
args=getent passwd admin
Process finished, return code=0
stdout=admin:*:414600000:414600000:Administrator:/home/admin:/bin/bash
stderr=
Backing up system configuration file '/etc/ssh/ssh_config'
Saving Index File to '/var/lib/ipa-client/sysrestore/sysrestore.index'
Configured /etc/ssh/ssh_config
Backing up system configuration file '/etc/ssh/sshd_config'
Saving Index File to '/var/lib/ipa-client/sysrestore/sysrestore.index'
Starting external process
args=sshd -t -f /dev/null -o AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys -o AuthorizedKeysCommandUser=nobody
Process finished, return code=0
stdout=
stderr=Could not load host key: /etc/ssh/ssh_host_dsa_key
Configured /etc/ssh/sshd_config
Starting external process
args=/bin/systemctl is-active sshd.service
Process finished, return code=0
stdout=active
stderr=
Starting external process
args=/bin/systemctl restart sshd.service
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/bin/systemctl is-active sshd.service
Process finished, return code=0
stdout=active
stderr=
Configuring stestrelm.test as NIS domain.
Starting external process
args=/usr/bin/nisdomainname
Process finished, return code=1
stdout=nisdomainname: Local domain name not set
stderr=
Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
Saving StateFile to '/var/lib/ipa-client/sysrestore/sysrestore.state'
Starting external process
args=/bin/systemctl is-enabled rhel-domainname.service
Process finished, return code=1
stdout=disabled
stderr=
Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state'
Saving StateFile to '/var/lib/ipa-client/sysrestore/sysrestore.state'
Starting external process
args=/usr/sbin/authconfig --update --nisdomain stestrelm.test
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/bin/systemctl enable rhel-domainname.service
Process finished, return code=0
stdout=
stderr=Created symlink from /etc/systemd/system/sysinit.target.wants/rhel-domainname.service to /usr/lib/systemd/system/rhel-domainname.service.
Starting external process
args=/bin/systemctl restart rhel-domainname.service
Process finished, return code=0
stdout=
stderr=
Starting external process
args=/bin/systemctl is-active rhel-domainname.service
Process finished, return code=0
stdout=active
stderr=
Client configuration complete.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2404.html |
Description of problem: ipa-client-install does not finish if joining to RHEL-6.8 version of ipa-server. Join to ipa-server from RHEL-7 is working as expected. Protocol: TLS1.2 Cipher: TLS_RSA_WITH_AES_256_CBC_SHA Destroyed connection context.rpcclient_37084432 Traceback (most recent call last): File "/usr/sbin/ipa-client-install", line 3127, in <module> sys.exit(main()) File "/usr/sbin/ipa-client-install", line 3108, in main rval = install(options, env, fstore, statestore) File "/usr/sbin/ipa-client-install", line 2817, in install api.finalize() File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 701, in finalize self.__do_if_not_done('load_plugins') File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 416, in __do_if_not_done getattr(self, name)() File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 579, in load_plugins for package in self.packages: File "/usr/lib/python2.7/site-packages/ipalib/__init__.py", line 919, in packages ipaclient.remote_plugins.get_package(self), File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/__init__.py", line 19, in get_package plugins = compat.get_package(api, client) File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/compat.py", line 42, in get_package ping = client.forward(u'ping', u'api_version', version=u'2.0') File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 986, in forward return self._call_command(command, params) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 967, in _call_command return command(*params) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1117, in _call return self.__request(name, args) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1111, in __request raise error_class(**kw) ipalib.errors.ZeroArgumentError: command 'ping' takes no arguments Version-Release number of selected component (if applicable): ipa-client-4.4.0-3.el7 ipa-server-3.0.0-50.el6.1 How reproducible: always Steps to Reproduce: 1. Just try to join