RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 798381 - ipa-client-install failing with "ipaserver.testrelm.com is not an IPA v2 Server."
Summary: ipa-client-install failing with "ipaserver.testrelm.com is not an IPA v2 Serv...
Keywords:
Status: CLOSED WORKSFORME
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa
Version: 6.3
Hardware: Unspecified
OS: Unspecified
urgent
unspecified
Target Milestone: rc
: ---
Assignee: Rob Crittenden
QA Contact: IDM QE LIST
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-02-28 18:50 UTC by Jenny Severance
Modified: 2012-05-09 14:42 UTC (History)
3 users (show)

Fixed In Version: ipa-2.2.0-9.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Clone Of:
Environment:
Last Closed: 2012-05-09 14:42:00 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Jenny Severance 2012-02-28 18:50:02 UTC 
Description of problem:

With latest builds can not install ipa client


# ipa-client-install --domain=testrelm.com --realm=TESTRELM.COM -p admin -w mysecret -U --server=ipaserver.testrelm.com
ipaserver.testrelm.com is not an IPA v2 Server.

<rcrit> Invalid ACL element: any;
<rcrit> I"m not sure this is an ipa server problem. I'll see if I can find a workaround

<jgalipea> from the client I can ping the outside world ... so ipaserver.testrelm.com is forwarding non-authoritative requests ...

<rcrit> it's not allowing queries I presume
<rcrit> ipa dnszone-mod testrelm.com --delattr idnsallowquery=any; && ipa dnszone-mod testrelm.com --delattr idnsallowtransfer=none;
<rcrit> jgalipea, that is how I got resolution working again, along with a named restart



Version-Release number of selected component (if applicable):
ipa-server-2.2.0-102.20120228T1040zgit449c71c.el6.x86_64
ipa-client-2.2.0-102.20120228T1040zgit449c71c.el6.x86_64

How reproducible:


Steps to Reproduce:
1. 
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 2 Martin Kosek 2012-02-29 08:54:26 UTC 
What is the version of bind-dyndb-ldap? It looks like you have the old RHEL build where idnsAllowQuery was still a multivalued LDAP attribute where ACL elements were added separately. The new version have all ACL elements as one attribute value, separated with ";".
Comment 3 Jenny Severance 2012-02-29 12:02:49 UTC 
bind-dyndb-ldap.x86_64 0:1.1.0-0.6.a1.20120228T1006z.el6
Comment 4 Martin Kosek 2012-02-29 12:43:34 UTC 
Thanks. I see I was right, ACL format is fixed in bind-dyndb-ldap >= 1.1.0-0.8.a2. You would need an updated version of this package.
Comment 6 Rob Crittenden 2012-02-29 14:28:51 UTC 
We'll need to reset the Conflicts version number to whatever the build is as well (Conflicts because we don't require bind-dyndb-ldap to be installed but if it is we use this to require a specific version).
Comment 8 Rob Crittenden 2012-04-18 20:30:31 UTC 
We have added a Conflicts to require a minimum n-v-r on bind-dyndb-ldap as part of BZ 805814. Is this problem still occurring?
Comment 9 Jenny Severance 2012-04-19 14:44:31 UTC 
I have not seen this error in quite sometime.  I suggest we close as works for me and if we come across it again we can re-open.
Comment 12 Martin Kosek 2012-04-19 18:07:27 UTC 
(In reply to comment #9)
> I have not seen this error in quite sometime.  I suggest we close as works for
> me and if we come across it again we can re-open.

Yes, this was just an issue of in-compatibility between ipa and bind-dyndb-ldap which should no longer occur because of ipa package requirements. +1 for closing as WORKSFORME.
Comment 14 Martin Kosek 2012-04-24 13:31:50 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed.
Comment 15 Namita Soman 2012-05-09 14:42:00 UTC 
closing as worksforme
Note You need to log in before you can comment on or make changes to this bug.