[Freeipa-users] client setup failure
Rob Crittenden
rcritten at redhat.com
Tue Mar 29 13:41:41 UTC 2011
Martin Kosek wrote:
> On Tue, 2011-03-29 at 12:49 +0200, tomasz.napierala at allegro.pl wrote:
>> On 2011-03-29, at 10:20, Martin Kosek wrote:
>>
>>> On Tue, 2011-03-29 at 00:08 +0000, Steven Jones wrote:
>>>
>>> What is a content of _ldap._tcp.ipa.ac.nz DNS SRV record? IPA client
>>> installation uses this DNS record in an autodiscovery of IPA server in
>>> the given DNS domain.
>>
>> In AD managed zone that would be domain controller itself.
>>
>> pz
>
> You are right. In that case the autodiscovery have to be skipped and
> --server/--domain parameters need to be added to the client installation
> script manually.
>
> Martin
Yes, please try with --server as a workaround.
This is a rather tricky one. We fetch the IPA CA so we can make a TLS
connection and gather some data for autodiscovery. I guess we need to
make the failure to retrieve the CA non-fatal, I'm just not sure what
other implications that will have. I thought we passed along the
provided server to to autodiscovery so this wouldn't happen.
I've opened https://fedorahosted.org/freeipa/ticket/1135 to track this.
thanks
rob
More information about the Freeipa-users
mailing list