Build: Satellite 6.4.1 host was provisioned with a realm proxy and was successfully enrolled hammer host info --id 2 Id: 2 UUID: 501e07bb-7c13-2767-d346-bc1ae15d5396 Name: daisy-figueira.domain Organization: Default Organization Location: Default Location Host Group: rhel7_hstgrp Compute Resource: vmware Compute Profile: 2-Medium Puppet Environment: production Puppet CA Proxy: qe-sat6-feature-rhel7.domain Puppet Master Proxy: qe-sat6-feature-rhel7.domain Cert name: daisy-figueira.domain Managed: yes Installed at: 2018/11/16 13:44:26 Last report: 2018/11/16 13:45:25 Network: IPv4 address: 0.0.0.157 IPv6 address: 2620:52:0:86f:250:56ff:fe9e:683b MAC: 00:50:56:9e:68:3b Subnet ipv4: Default Subnet Domain: domain Network interfaces: 1) Id: 2 Identifier: ens160 Type: interface (primary, provision) MAC address: 00:50:56:9e:68:3b IPv4 address: 0.0.0.157 IPv6 address: 2620:52:0:86f: FQDN: daisy-figueira.domain Operating system: Architecture: x86_64 Operating System: RHEL Server 7.6 Build: no Partition Table: Kickstart default PXE Loader: PXELinux BIOS Custom partition table: Parameters: All parameters: kt_activation_keys => rhel7_ak enable-puppet5 => true enable-epel => false Additional info: Owner: Admin User Owner Type: User Enabled: yes Model: VMware Virtual Platform Comment: OpenSCAP Proxy: 1 Content Information: Content View: ID: 2 Name: rhel7_cv Lifecycle Environment: ID: 2 Name: DEV Content Source: ID: 1 Name: qe-sat6-feature-rhel7.domain Kickstart Repository: ID: Name: Applicable Packages: 0 Upgradable Packages: 0 Applicable Errata: Enhancement: 0 Bug Fix: 0 Security: 0 Subscription Information: UUID: 46927e9d-7c71-44f1-8590-b6f823788f61 Last Checkin: 2018-11-16 13:44:10 UTC Service Level: Release Version: Autoheal: true Registered To: qe-sat6-feature-rhel7.domain Registered At: 2018-11-16 13:38:02 UTC Registered by Activation Keys: 1) rhel7_ak Host Collections: psotinstall.log: Discovery was successful! Client hostname: daisy-figueira.domain Realm: domain DNS Domain: domain IPA Server: qe-sat6-ipa.domain BaseDN: dc=domain,dc=lab,dc=eng,dc=rdu2,dc=redhat,dc=com Skipping synchronizing time with NTP server. Downloading the CA certificate via HTTP, this is INSECURE Successfully retrieved CA cert Subject: CN=Certificate Authority,O=domain Issuer: CN=Certificate Authority,O=domain Valid From: 2016-03-17 17:17:12 Valid Until: 2036-03-17 17:17:12 Enrolled in IPA realm domain Created /etc/ipa/default.conf New SSSD config will be created Configured sudoers in /etc/nsswitch.conf Configured /etc/sssd/sssd.conf Configured /etc/krb5.conf for IPA realm domain trying https://qe-sat6-ipa.domain/ipa/json [try 1]: Forwarding 'schema' to json server 'https://qe-sat6-ipa.domain/ipa/json' trying https://qe-sat6-ipa.domain/ipa/session/json [try 1]: Forwarding 'ping' to json server 'https://qe-sat6-ipa.domain/ipa/session/json' [try 1]: Forwarding 'ca_is_enabled' to json server 'https://qe-sat6-ipa.domain/ipa/session/json' Systemwide CA database updated. Hostname (daisy-figueira.domain) does not have A/AAAA record. Missing reverse record(s) for address(es): 2620:52:0:86f:250:56ff:fe9e:683b. Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub [try 1]: Forwarding 'host_mod' to json server 'https://qe-sat6-ipa.domain/ipa/session/json' SSSD enabled Configured /etc/openldap/ldap.conf Principal is not set when enrolling with OTP; using principal 'admin@domain' for 'getent passwd' Unable to find 'admin' user with 'getent passwd admin@domain'! Unable to reliably detect configuration. Check NSS setup manually. Configured /etc/ssh/ssh_config Configured /etc/ssh/sshd_config Configuring domain as NIS domain. Client configuration complete. The ipa-client-install command was successful WARNING: ntpd time&date synchronization service will not be configured as conflicting service (chronyd) is enabled Use --force-ntpd option to disable it and force configuration of ntpd [root@daisy-figueira ~]# id realm-proxy uid=632600001(realm-proxy) gid=632600001(realm-proxy) groups=632600001(realm-proxy) [root@daisy-figueira ~]# id admin uid=632600000(admin) gid=632600000(admins) groups=632600000(admins) Host is successfully enrolled
*** Bug 1651643 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3799