[Freeipa-users] Re-run install script?

Simo Sorce simo at redhat.com
Thu Aug 2 17:21:01 UTC 2012 

Hi Sara,

DNS does not influence ipa-client-install, if that command fails it
means the host is registered in the ipa server as a member of the domain
and the correct command to remove it should be ipa host-del.

The (Invalid credential) error is odd though. On what machine are you
running ipa host-del and with what user credentials ?

Simo.


On Thu, 2012-08-02 at 08:31 -0700, Kline, Sara wrote:
> I can't use ipa-client-install because it says that it is joined already. I can't run ipa-client-install --uninstall because as far its concerned the script has never been run so the package has not been set up.
> 
> I am trying to remove the server from DNS. I have done it through the GUI and I have done it at the command line with ipa-host-del and neither one is working. I get the error:
> "Certificate operation cannot be completed: EXCEPTION  (Invalid Credential.)" As I said before though, I can use this command on other systems just fine, it is just this one system that it is failing on.
> 
> Thanks,
> Sara Kline
> 
> 
> -----Original Message-----
> From: Simo Sorce [mailto:simo at redhat.com]
> Sent: Thursday, August 02, 2012 8:26 AM
> To: Kline, Sara
> Cc: freeipa-users at redhat.com
> Subject: RE: [Freeipa-users] Re-run install script?
> 
> On Thu, 2012-08-02 at 08:22 -0700, Kline, Sara wrote:
> > Copied from below:
> >  I get the same error if I try to use ipa host-del although again this works fine for other entries.
> >
> > I have tried everything that the documentation suggested to try and have searched Google pretty extensively. I am not finding a way to clear this error, and I am not finding anyone else who has this particular error either.
> > People taking systems down without notifying us happens more frequently than I care to admit so this could potentially come up in our production environment. I just want to make sure that there is a way to remove the entries...by force if necessary. Or if I need to do a manual configuration to get it to work then I will do that. Just need some guidance on if there is a tool that will remove the bad entry or if it will just be a manual setup now.
> >
> > Thanks,
> > Sara Kline
> 
> Can you please provide the command you are running to re-join the machine ?
> 
> Simo.
> 
> --
> Simo Sorce * Red Hat, Inc * New York
> 
> 
> This e-mail message is for the sole use of the intended recipient(s)and may
> contain confidential and privileged information of Transaction Network Services.
> Any unauthorised review, use, disclosure or distribution is prohibited. If you
> are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
> 


-- 
Simo Sorce * Red Hat, Inc * New York

More information about the Freeipa-users mailing list