[Freeipa-users] Trying out ipa on zlinux

David Juran djuran at redhat.com
Fri May 4 14:04:02 UTC 2012 

Hello

We've been trying to get IPA running on a RHEL6.2 zLinux (s390x). We've
recompiled the RHEL6 SRPMS (including the 389 packages) for the
architecture and eventually they installed. But when trying to set up
the server, it fails when trying to create the KDC.

Configuring Kerberos KDC: Estimated time 30 seconds
  [1/14]: setting KDC account password
  [2/14]: adding sasl mappings to the directory
  [3/14]: adding kerberos entries to the DS
  [4/14]: adding default ACIs
  [5/14]: configuring KDC
Failed to populate the realm structure in kerberos Command 'kdb5_ldap_util -D uid=kdc,cn=sysaccounts,cn=etc,dc=srv,dc=volvo,dc=com create -s -r SRV.VOLVO.COM -subtrees dc=srv,dc=volvo,dc=com -sscope sub' returned non-zero exit status 1
  [6/14]: adding default keytypes
root        : CRITICAL Failed to load default-keytypes.ldif: Command '/usr/bin/ldapmodify -h zlin2011.srv.volvo.com -v -f /tmp/tmpERWFsx -x -D cn=Directory Manager -y /tmp/tmpC1RCfQ' returned non-zero exit status 32
  [7/14]: adding default password policy
root        : CRITICAL Failed to load default-pwpolicy.ldif: Command '/usr/bin/ldapmodify -h zlin2011.srv.volvo.com -v -f /tmp/tmpPUNKLs -x -D cn=Directory Manager -y /tmp/tmpPcnobe' returned non-zero exit status 32
  [8/14]: creating a keytab for the directory
Unexpected error - see ipaserver-install.log for details:
 Command 'kadmin.local -q addprinc -randkey ldap/zlin2011.srv.volvo.com at SRV.VOLVO.COM' returned non-zero exit status 1

>From the dirsrv access log, we see the following line which differs from when trying to install on x86_64 (where it works):

[04/May/2012:15:22:27 +0200] conn=8 fd=66 slot=66 connection from local to /var/run/slapd-SRV-VOLVO-COM.socket
[04/May/2012:15:22:27 +0200] conn=8 op=0 BIND dn="uid=kdc,cn=sysaccounts,cn=etc,dc=srv,dc=volvo,dc=com" method=128 version=3
[04/May/2012:15:22:27 +0200] conn=8 op=0 RESULT err=7 tag=97 nentries=0 etime=0
[04/May/2012:15:22:27 +0200] conn=8 op=-1 fd=66 closed - B1

Would anyone have a clue what could be wrong?

-- 
David Juran <djuran at redhat.com>
+46-725-345801
Sr. Consultant
Red Hat



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120504/3b7cf4e7/attachment.sig>

More information about the Freeipa-users mailing list