[Freeipa-users] is not an IPA v2 Server.
george he
george_he7 at yahoo.com
Mon Jun 18 14:12:42 UTC 2012
Hello Petr,
I can ping or ssh to myserver with no problem.
btw, here are the ports I opened:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 389 -j ACCEPT
iptables -A INPUT -p tcp --dport 636 -j ACCEPT
iptables -A INPUT -p tcp --dport 88 -j ACCEPT
iptables -A INPUT -p udp --dport 88 -j ACCEPT
iptables -A INPUT -p tcp --dport 464 -j ACCEPT
iptables -A INPUT -p udp --dport 464 -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 123 -j ACCEPT
Thanks,
George
>________________________________
> From: Petr Viktorin <pviktori at redhat.com>
>To: "freeipa-users at redhat.com" <freeipa-users at redhat.com>
>Cc: george he <george_he7 at yahoo.com>
>Sent: Monday, June 18, 2012 10:06 AM
>Subject: Re: [Freeipa-users] is not an IPA v2 Server.
>
>On 06/18/2012 03:44 PM, george he wrote:
>> Hello all,
>>
>> here is the error message from /var/log/ipaclient-install.log on the
>> client machine:
>>
>> Connecting to myserver|myserver ip|:80... failed: No route to host.
>> Retrieving CA from myserver failed.
>> Command '/usr/bin/wget -O /tmp/tmpjibrhe/ca.crt -T 15 -t 2
>> http://myserver/ipa/config/ca.crt' returned non-zero exit status 4
>
>Seems like a routing issue. Can you ping myserver from the client machine?
>
>
>> but httpd seems running on myserver and port 80 is open.
>> # systemctl status httpd.service
>> httpd.service - The Apache HTTP Server (prefork MPM)
>> Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
>> Active: active (running) since Sun, 17 Jun 2012 11:17:07 -0400; 22h ago
>> Process: 16225 ExecStop=/usr/sbin/httpd $OPTIONS -k stop (code=exited,
>> status=0/SUCCESS)
>> Process: 16230 ExecStart=/usr/sbin/httpd $OPTIONS -k start (code=exited,
>> status=0/SUCCESS)
>> Main PID: 16233 (httpd)
>> CGroup: name=systemd:/system/httpd.service
>> ├ 16231 /usr/sbin/nss_pcache 1212421 off /etc/httpd/alias
>> ├ 16233 /usr/sbin/httpd -k start
>> ├ 16236 /usr/sbin/httpd -k start
>> ├ 16237 /usr/sbin/httpd -k start
>> ├ 16238 /usr/sbin/httpd -k start
>> ├ 16239 /usr/sbin/httpd -k start
>> ├ 16240 /usr/sbin/httpd -k start
>> ├ 16241 /usr/sbin/httpd -k start
>> ├ 16242 /usr/sbin/httpd -k start
>> ├ 16243 /usr/sbin/httpd -k start
>> ├ 16244 /usr/sbin/httpd -k start
>> └ 16245 /usr/sbin/httpd -k start
>> I have been working on this for days to set this thing up. Any help will
>> be very appreciated.
>> George
>>
>> ------------------------------------------------------------------------
>> *From:* george he <george_he7 at yahoo.com>
>> *To:* "freeipa-users at redhat.com" <freeipa-users at redhat.com>
>> *Sent:* Saturday, June 16, 2012 4:02 PM
>> *Subject:* is not an IPA v2 Server.
>>
>> Hello all,
>>
>> I'm trying to install freeipa for a small lab with <10 computers,
>> all running fedora 17.
>> I seemed to have installed ipa server (without DNS) successfully,
>>
>> # ipactl status
>> Directory Service: RUNNING
>> KDC Service: RUNNING
>> KPASSWD Service: RUNNING
>> MEMCACHE Service: RUNNING
>> HTTP Service: RUNNING
>> CA Service: RUNNING
>>
>> but when I try to run ipa-client-install on a client machine, I get
>> this error message:
>>
>> <server.my.edu <http://server.my.edu/>> is not an IPA v2 Server.
>> Installation failed. Rolling back changes.
>> IPA client is not configured on this system.
>>
>> what am I missing?
>> ps, I'm following the instructions here:
>> https://docs.fedoraproject.org/en-US/Fedora/16/html/FreeIPA_Guide/Installing_the_IPA_Client_on_Linux.html
>> Thanks,
>> George
>>
>>
>>
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>--
>Petr³
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120618/29b6fb41/attachment.htm>
More information about the Freeipa-users
mailing list