[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-users] about rplication FreeIPA

Виктор Сергеевич wrote:

I try to create replication server

On a primary-server it is established fedora10, on secondary a server
fedora 11. I use function multimaster replication and process with pgp
file on secondary server with help ipa-replica-install passes normally
(on secondary a server all services start, but in a webinterface
permission denided, but the given situation is specified in MAN freeIPA
- only console management of a remark), however by search of the user on
secondary I receive the message:

ipa-finduser admin
"Did not receive Kerberos credentials"

It seems is not present krb-authorisation? I try to be authorised:

kinit admin
... cannot contact any KDC for realm 'REALM_NAME'

That is it is impossible to find KDC?
Hi .. Just to clarify - the first server - primary is all okay, right?
Then let's start by ruling out the easy stuff. Make sure DNS is configured properly and the machines are forward and reverse resolvable. And could you post the entire contents of both server's /etc/krb5.conf files.

Distinctions between files krb5.conf on primary and secondary servers:

In krb5.conf on the secondary server:



In krb5.conf on the primary server:



If i change parametrs of the pach [realm] secondary>primary? then i can
use kinit, but ... it's do bad idea.

What I have to do?

Freeipa-users mailing list
Freeipa-users redhat com

Jenny Galipeau <jgalipea redhat com>
Principal Software QA Engineer
Red Hat, Inc. Security Engineering

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]