If I run ipa-server-install -n example.com -r EXAMPLE.COM --external-ca --subject="O=example AG,C=DE" --setup-dns --forwarder ... then it asks me get signed certificates and to run ipa-server-install again. Quote: The next step is to get /root/ipa.csr signed by your CA and re-run /usr/sbin/ipa-server-install as: /usr/sbin/ipa-server-install --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate If I do, then DNS is not setup. I have to add the DNS specific options again. This is highly misleading. ipa-server-install should show *all* necessary command line arguments to complete the second step, according to step 1. Unfortunately the log file is gone. Did you know that ipa-server-install overwrites its own logfiles?
This is a regression in 4.2.
Upstream ticket: https://fedorahosted.org/freeipa/ticket/5556
Fixed upstream master: https://fedorahosted.org/freeipa/changeset/30fbc7e948739f0ee758e01d0ef1a3a0a53984b0 https://fedorahosted.org/freeipa/changeset/f0703d3c2a399012fa4cae0b856c08ff18b42463 ipa-4-3: https://fedorahosted.org/freeipa/changeset/264748b14e1177a16133c65a1ee9e0d995b17732 https://fedorahosted.org/freeipa/changeset/2b3a0a4519b409c4c363afcb61da77ad9b9a1436 ipa-4-2: https://fedorahosted.org/freeipa/changeset/2bead374900a597234e09b483c380574a6c53d14 https://fedorahosted.org/freeipa/changeset/d655b949d3bd8f5d192605acd579314e82492b86
*** Bug 1292042 has been marked as a duplicate of this bug. ***
This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle. Changing version to '24'. More information and reason for this action is here: https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora24#Rawhide_Rebase
freeipa-4.2.4-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb0ac4420c
freeipa-4.2.4-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb0ac4420c
freeipa-4.2.4-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.