Hide Forgot
Description of problem: Seeing the error message, using steps below: # ipa-client-install --domain=testrelm --realm=TESTRELM -p admin -w <xxx> --no-sssd Discovery was successful! Hostname: rhel62-server2.testrelm Realm: TESTRELM DNS Domain: testrelm IPA Server: rhel62-server1.testrelm BaseDN: dc=testrelm Continue to configure the system with these values? [no]: y Synchronizing time with KDC... Enrolled in IPA realm TESTRELM Created /etc/ipa/default.conf Configured /etc/krb5.conf for IPA realm TESTRELM LDAP enabled Kerberos 5 enabled Unable to find 'admin' user with 'getent passwd admin'! Unable to reliably detect configuration. Check NSS setup manually. NTP enabled Client configuration complete. Version-Release number of selected component (if applicable): ipa-client-2.1.2-2.el6.x86_64 How reproducible: always Steps to Reproduce: 1.ipa-client-install --domain=testrelm --realm=TESTRELM -p admin -w <xxx> --no-sssd Actual results: output includes error: Unable to find 'admin' user with 'getent passwd admin'! Unable to reliably detect configuration. Check NSS setup manually. Expected results: not to see the above message Additional info: possibly related bugs - bug 736954, bug 714924
Upstream ticket: https://fedorahosted.org/freeipa/ticket/1986
Fixed upstream master: 814a424a37c715f0fd14e88282271d29d3d1fd94 ipa-2-1: 1104a8898ca6d4e46f3671245703fe1ca8b40ec5
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Do not document
Verified using ipa-client-2.1.3-8.el6.x86_64 Had to install nss_ldap on this machine to allow installing with --no-sssd option (bug 750850): wget http://download.devel.redhat.com/brewroot/packages/nss_ldap/264/8.el6/x86_64/nss_ldap-264-8.el6.x86_64.rpm yum localinstall nss_ldap-264-8.el6.x86_64.rpm Then installed successfully and kinit'd as well: # ipa-client-install --domain=testrelm --realm=TESTRELM -p admin -w Secret123 --no-sssd Discovery was successful! Hostname: ipa-replica2.testrelm Realm: TESTRELM DNS Domain: testrelm IPA Server: ipa-master.testrelm BaseDN: dc=testrelm Continue to configure the system with these values? [no]: y Synchronizing time with KDC... Enrolled in IPA realm TESTRELM Created /etc/ipa/default.conf Configured /etc/krb5.conf for IPA realm TESTRELM LDAP enabled Kerberos 5 enabled LDAP configured using configuration file(s) /etc/ldap.conf NTP enabled Client configuration complete.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2011-1533.html