[Freeipa-devel] [PATCHES] Add ipa-dns-install

Rob Crittenden rcritten at redhat.com
Tue Feb 9 20:45:49 UTC 2010 

Martin Nagy wrote:
> On Thu, 2010-01-21 at 17:37 -0500, Rob Crittenden wrote:
>> Rob Crittenden wrote:
>>> Martin Nagy wrote:
>>>> Hi,
>>>> with these patches, the user will be able to install DNS additionally,
>>>> after ipa-server-install. No --uninstall yet, however. I do have it in
>>>> my tree, but it causes a lot of problems. Hopefully, I'll manage to
>>>> solve them later. Thanks.
>>>>
>>>> Martin
>>>>
>>> Nack, it isn't working for me:
>>>
>>> # ipa-dns-install
>>>
>>> The log file for this installation can be found in 
>>> /var/log/ipaserver-install.log
>>> ============================================================================== 
>>>
>>> This program will setup DNS for the FreeIPA Server.
>>>
>>> This includes:
>>>   * Configure DNS (bind)
>>>
>>> To accept the default shown in brackets, press the Enter key.
>>>
>>> Existing BIND configuration detected, overwrite? [no]: y
>>> Enter IP address for a DNS forwarder (empty to stop):
>>> No DNS forwarders configured
>>> Directory Manager password:
>>>
>>> The following operations may take some minutes to complete.
>>> Please wait until the prompt is returned.
>>>
>>> Unexpected error - see ipaserver-install.log for details:
>>>  {'info': 'Unauthenticated binds are not allowed', 'desc': 'Server is 
>>> unwilling to perform'}
>>>
>>> There is nothing in the install log, 389 access log had:
>>>
>>> [21/Jan/2010:16:50:37 -0500] conn=22 fd=70 slot=70 connection from 
>>> localhost to localhost
>>> [21/Jan/2010:16:50:37 -0500] conn=22 op=0 BIND dn="cn=Directory Manager" 
>>> method=128 version=3
>>> [21/Jan/2010:16:50:37 -0500] conn=22 op=0 RESULT err=53 tag=97 
>>> nentries=0 etime=0
>>> [21/Jan/2010:16:50:37 -0500] conn=22 op=1 UNBIND
>>> [21/Jan/2010:16:50:37 -0500] conn=22 op=1 fd=70 closed - U1
>>>
>>> It also throws an exception if you press ^C at the prompts.
>>>
>>> rob
>> I had a discussion with Martin in irc about this. The patch actually 
>> does work it just doesn't handle the case where you don't get a DM 
>> password. I'm still nacking this particular patch due to this but the 
>> first two patches are fine, so ack for those and I'm pushing them to master.
>>
>> rob
> 
> New patch with fixed script.
> 
> Martin
> 

ack, pushed to master

rob

More information about the Freeipa-devel mailing list