Bug 753936

Summary: Rebase ipa-client to upstream 2.1.3
Product: Red Hat Enterprise Linux 5 Reporter: Rob Crittenden <rcritten>
Component: ipa-clientAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.7CC: briang, ckannan, dpal, grajaiya, ksiddiqu
Target Milestone: rcKeywords: Rebase
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: ipa-client-2.1.3-1.el5 Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-02-21 00:42:40 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Rob Crittenden 2011-11-14 16:43:23 EST
Rebase to upstream IPA 2.1.3 release.
Comment 1 Rob Crittenden 2011-11-16 19:27:31 EST
Updated to upstream, dropped duplicate patches.

Fixed some new python 2.4 issues.
Comment 3 Rob Crittenden 2011-11-28 14:38:36 EST
*** Bug 756704 has been marked as a duplicate of this bug. ***
Comment 4 Rob Crittenden 2011-11-28 15:20:36 EST
Enrollment is failing with xmlrpc-c-1.16.24-1206.1840.2.el5.x86_64. I think this is due to xmlrpc-c not having a BuildRequires on a version of curl that sets HAVE_CURL_GSSAPI_DELEGATION.

This won't necessarily require a respin of ipa-client but we may want to set the minimum xmlrpc-c requires.
Comment 5 Gowrishankar Rajaiyan 2011-12-15 06:18:52 EST
  ipa-client.x86_64 0:2.1.3-1.el5                                                                                                          

Dependency Installed:
  certmonger.x86_64 0:0.50-3.el5
  cyrus-sasl-gssapi.x86_64 0:2.1.22-5.el5_4.3            
  sssd.x86_64 0:1.5.1-44.el5      
  xmlrpc-c.x86_64 0:1.16.24-1206.1840.4.el5       
  xmlrpc-c-client.x86_64 0:1.16.24-1206.1840.4.el5  

[root@hp-dl360g5-01 ~]# ipa-client-install 
DNS discovery failed to determine your DNS domain
Provide the domain name of your IPA server (ex: example.com): lab.eng.pnq.redhat.com
DNS discovery failed to find the IPA Server
Provide your IPA server name (ex: ipa.example.com): bumblebee.lab.eng.pnq.redhat.com

The failure to use DNS to find your IPA server indicates that your
resolv.conf file is not properly configured.

Autodiscovery of servers for failover cannot work with this configuration.

If you proceed with the installation, services will be configured to always
access the discovered server for all operation and will not fail over to
other servers in case of failure.

Proceed with fixed values and no DNS discovery? [no]: yes
Hostname: hp-dl360g5-01.rhts.eng.bos.redhat.com
DNS Domain: lab.eng.pnq.redhat.com
IPA Server: bumblebee.lab.eng.pnq.redhat.com
BaseDN: dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com

Continue to configure the system with these values? [no]: yes
User authorized to enroll computers: admin
Synchronizing time with KDC...
Unable to sync time with IPA NTP server, assuming the time is in sync.
Password for admin@LAB.ENG.PNQ.REDHAT.COM: 

Enrolled in IPA realm LAB.ENG.PNQ.REDHAT.COM
Created /etc/ipa/default.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm LAB.ENG.PNQ.REDHAT.COM
SSSD enabled
NTP enabled
Client configuration complete.
[root@hp-dl360g5-01 ~]# 

[root@hp-dl360g5-01 ~]# kinit admin
Password for admin@LAB.ENG.PNQ.REDHAT.COM: 
[root@hp-dl360g5-01 ~]# 

[root@hp-dl360g5-01 ~]# klist 
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin@LAB.ENG.PNQ.REDHAT.COM
Valid starting     Expires            Service principal
12/15/11 06:15:53  12/16/11 06:15:50  krbtgt/LAB.ENG.PNQ.REDHAT.COM@LAB.ENG.PNQ.REDHAT.COM
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[root@hp-dl360g5-01 ~]# 

[root@hp-dl360g5-01 ~]# getent -s sss passwd shanks
shanks:*:715400003:715400003:s r:/home/shanks:/bin/sh
[root@hp-dl360g5-01 ~]# 

[root@hp-dl360g5-01 ~]# ssh -q -l shanks localhost
shanks@localhost's password: 
Last login: Thu Dec 15 06:19:07 2011 from localhost.localdomain
Comment 6 errata-xmlrpc 2012-02-21 00:42:40 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.