Bug 874935
Summary: | ipa-server installation fails to find A/AAAA record for IPA hostname | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Steeve Goveas <sgoveas> |
Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.4 | CC: | jgalipea, mkosek |
Target Milestone: | rc | Keywords: | Regression |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.0.0-8.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-02-21 09:29:45 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Steeve Goveas
2012-11-09 06:25:34 UTC
This is indeed a regression in 6.4, I will open an upstream bug and fix this. Upstream ticket: https://fedorahosted.org/freeipa/ticket/3248 A patch with a fix is attached to ticket #3248. As a workaround until it gets pushed, you could either 1) Use an IPA hostname that is already resolvable, OR 2) Install IPA with --no-reverse option and configure reverse zone later when IPA installation is finished (if required) The patch resolved the issue. Installation was successful [root@rasalghul ~]# ipa-server-install --setup-dns --forwarder 10.65.201.122 -p Secret123 -P Secret123 -a Secret123 -r TESTRELM.COM -n testrelm.com --ip-address=10.65.201.217 --hostname=rasalghul.testrelm.com -U The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the IPA Server. .... .... .... Configuring DNS (named) [1/9]: adding DNS container [2/9]: setting up our zone [3/9]: setting up reverse zone [4/9]: setting up our own record [5/9]: setting up kerberos principal [6/9]: setting up named.conf [7/9]: restarting named [8/9]: configuring named to start on boot [9/9]: changing resolv.conf to point to ourselves Done configuring DNS (named). Global DNS configuration in LDAP server is empty You can use 'dnsconfig-mod' command to set global DNS options that would override settings in local named.conf files Restarting the web server ============================================================================== Setup complete Next steps: 1. You must make sure these network ports are open: TCP Ports: * 80, 443: HTTP/HTTPS * 389, 636: LDAP/LDAPS * 88, 464: kerberos * 53: bind UDP Ports: * 88, 464: kerberos * 53: bind * 123: ntp 2. You can now obtain a kerberos ticket using the command: 'kinit admin' This ticket will allow you to use the IPA tools (e.g., ipa user-add) and the web user interface. Be sure to back up the CA certificate stored in /root/cacert.p12 This file is required to create replicas. The password for this file is the Directory Manager password Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/215fcdfd5e9e0cd26cf5d60254343e11c9148a1c ipa-3-0: https://fedorahosted.org/freeipa/changeset/92860f9a4fc775ca699a0920e42bbb913c30e04f Marked as Regression. Verified using ipa-3.0.0-8.el6. Installed successfully Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0528.html |