[Freeipa-users] ipa-client-install errors via kickstart
Rob Crittenden
rcritten at redhat.com
Wed Jun 22 21:49:10 UTC 2011
Charlie Derwent wrote:
> Hi
>
> I'm running FreeIPA server on F14 and connecting to a F14 client. When I
> run ipa-client-install (via kickstart or after the client has installed)
> I'm getting the following error message.
>
> root : DEBUG
> root : ERROR LDAP Error: Connect error: Start TLS request
> accepted. Server willing to negotiate SSL
> Failed to verify that ipa.test.net <http://ipa.test.net> is an IPA server
> This may mean that the remote server is not up or is not reachable due
> to network or firewall settings
What version of IPA are you running on the client and server?
Can you check the 389-ds access log to see if you can see the connection
and any errors reported with it?
>
>
> The ipa server is definately up and running, it's still authenticating
> other servers in the network and when I rebuild the client with rhel or
> centos it can enroll (almost) without issue (see below).
>
> The second issue was this certmonger related bug where certmonger fails
> to start on new install
> (https://bugzilla.redhat.com/show_bug.cgi?id=636894) was it resolved in
> Red Hat 5 as I think i'm expering the issue with my RH5u6 clients?
Looks like it wasn't fixed in RHEL 5.x. IIRC the simple fix is to
restart messagebus after installing certmonger. Should be easy to do in
a kickstart.
rob
More information about the Freeipa-users
mailing list