Bug 753936

Updated to upstream, dropped duplicate patches.

Fixed some new python 2.4 issues.

*** Bug 756704 has been marked as a duplicate of this bug. ***

Enrollment is failing with xmlrpc-c-1.16.24-1206.1840.2.el5.x86_64. I think this is due to xmlrpc-c not having a BuildRequires on a version of curl that sets HAVE_CURL_GSSAPI_DELEGATION.

This won't necessarily require a respin of ipa-client but we may want to set the minimum xmlrpc-c requires.

Installed:
  ipa-client.x86_64 0:2.1.3-1.el5                                                                                                          

Dependency Installed:
  certmonger.x86_64 0:0.50-3.el5
  cyrus-sasl-gssapi.x86_64 0:2.1.22-5.el5_4.3            
  sssd.x86_64 0:1.5.1-44.el5      
  xmlrpc-c.x86_64 0:1.16.24-1206.1840.4.el5       
  xmlrpc-c-client.x86_64 0:1.16.24-1206.1840.4.el5  

[root@hp-dl360g5-01 ~]# ipa-client-install 
DNS discovery failed to determine your DNS domain
Provide the domain name of your IPA server (ex: example.com): lab.eng.pnq.redhat.com
DNS discovery failed to find the IPA Server
Provide your IPA server name (ex: ipa.example.com): bumblebee.lab.eng.pnq.redhat.com

The failure to use DNS to find your IPA server indicates that your
resolv.conf file is not properly configured.

Autodiscovery of servers for failover cannot work with this configuration.

If you proceed with the installation, services will be configured to always
access the discovered server for all operation and will not fail over to
other servers in case of failure.

Proceed with fixed values and no DNS discovery? [no]: yes
Hostname: hp-dl360g5-01.rhts.eng.bos.redhat.com
Realm: LAB.ENG.PNQ.REDHAT.COM
DNS Domain: lab.eng.pnq.redhat.com
IPA Server: bumblebee.lab.eng.pnq.redhat.com
BaseDN: dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com


Continue to configure the system with these values? [no]: yes
User authorized to enroll computers: admin
Synchronizing time with KDC...
Unable to sync time with IPA NTP server, assuming the time is in sync.
Password for admin.PNQ.REDHAT.COM: 

Enrolled in IPA realm LAB.ENG.PNQ.REDHAT.COM
Created /etc/ipa/default.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm LAB.ENG.PNQ.REDHAT.COM
SSSD enabled
NTP enabled
Client configuration complete.
[root@hp-dl360g5-01 ~]# 



[root@hp-dl360g5-01 ~]# kinit admin
Password for admin.PNQ.REDHAT.COM: 
[root@hp-dl360g5-01 ~]# 


[root@hp-dl360g5-01 ~]# klist 
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin.PNQ.REDHAT.COM
Valid starting     Expires            Service principal
12/15/11 06:15:53  12/16/11 06:15:50  krbtgt/LAB.ENG.PNQ.REDHAT.COM.PNQ.REDHAT.COM
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[root@hp-dl360g5-01 ~]# 


[root@hp-dl360g5-01 ~]# getent -s sss passwd shanks
shanks:*:715400003:715400003:s r:/home/shanks:/bin/sh
[root@hp-dl360g5-01 ~]# 


[root@hp-dl360g5-01 ~]# ssh -q -l shanks localhost
shanks@localhost's password: 
Last login: Thu Dec 15 06:19:07 2011 from localhost.localdomain

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0190.html