https://bugzilla.redhat.com/show_bug.cgi?id=889583 (Red Hat Enterprise Linux 6)
Description of problem: I'm trying to setup IPA with testrelm.com for domain and RALEIGHREALM for the realm. The ipa-client-install portion of the ipa-server-install is failing. [root@rhel6-1 install-server-cli]# ipa-server-install --setup-dns --forwarder=192.168.122.1 -r RALEIGHREALM -p Secret123 -P Secret123 -a Secret123 -U ...normal output skipped here... Global DNS configuration in LDAP server is empty You can use 'dnsconfig-mod' command to set global DNS options that would override settings in local named.conf files Restarting the web server Configuration of client side components failed! ipa-client-install returned: Command '/usr/sbin/ipa-client-install --on-master --unattended --domain testrelm.com --server rhel6-1.testrelm.com --realm RALEIGHREALM --hostname rhel6-1.testrelm.com' returned non-zero exit status 1 Version-Release number of selected component (if applicable): ipa-server-3.0.0-17.el6.x86_64 How reproducible: always Steps to Reproduce: 1. run ipa-server-install as above 2. 3. Actual results: failure on ipa client install portion. Expected results: works? Additional info: From ipaserver-install.log: 2012-12-21T18:59:30Z DEBUG args=/usr/sbin/ipa-client-install --on-master --unattended --domain testrelm.com --server rhel6-1.testrelm.com --realm RALEIGHREALM --hostname rhel6-1.testrelm.com 2012-12-21T18:59:30Z DEBUG stdout=ESC[?1034h 2012-12-21T18:59:30Z DEBUG stderr=Traceback (most recent call last): File "/usr/sbin/ipa-client-install", line 2325, in <module> sys.exit(main()) File "/usr/sbin/ipa-client-install", line 2311, in main rval = install(options, env, fstore, statestore) File "/usr/sbin/ipa-client-install", line 1676, in install ret = ds.search(domain=options.domain, server=options.server, hostname=hostname, ca_cert_path=get_cert_path(options.ca_cert_file)) File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 212, in search krb_realm, kdc = self.ipadnssearchkrb(self.domain) File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 434, in ipadnssearchkrb kdc = ','.join(kdc) TypeError 2012-12-21T18:59:30Z INFO File "/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line 614, in run_script return_value = main_function() File "/usr/sbin/ipa-server-install", line 1103, in main sys.exit("Configuration of client side components failed!\nipa-client-install returned: " + str(e)) 2012-12-21T18:59:30Z INFO The ipa-server-install command failed, exception: SystemExit: Configuration of client side components failed! ipa-client-install returned: Command '/usr/sbin/ipa-client-install --on-master --unattended --domain testrelm.com --server rhel6-1.testrelm.com --realm RALEIGHREALM --hostname rhel6-1.testrelm.com' returned non-zero exit status 1 From ipaclient-install.log: 2012-12-21T18:59:29Z DEBUG /usr/sbin/ipa-client-install was invoked with options: {'domain': 'testrelm.com', 'force': False, 'krb5_offline_passwords': True, 'primary': False, 'mkhomedir': False, 'create_sshfp': True, 'conf_sshd': True, 'on_master': True, 'conf_ntp': True, 'ca_cert_file': None, 'ntp_server': None, 'principal': None, 'hostname': 'rhel6-1.testrelm.com', 'no_ac': False, 'unattended': True, 'sssd': True, 'trust_sshfp': False, 'dns_updates': False, 'realm_name': 'RALEIGHREALM', 'conf_ssh': True, 'server': ['rhel6-1.testrelm.com'], 'prompt_password': False, 'permit': False, 'debug': False, 'preserve_sssd': False, 'uninstall': False} 2012-12-21T18:59:29Z DEBUG missing options might be asked for interactively later 2012-12-21T18:59:29Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' 2012-12-21T18:59:29Z DEBUG Loading StateFile from '/var/lib/ipa-client/sysrestore/sysrestore.state' 2012-12-21T18:59:29Z DEBUG [IPA Discovery] 2012-12-21T18:59:29Z DEBUG Starting IPA discovery with domain=testrelm.com, server=['rhel6-1.testrelm.com'], hostname=rhel6-1.testrelm.com 2012-12-21T18:59:29Z DEBUG Server and domain forced 2012-12-21T18:59:29Z DEBUG [Kerberos realm search] 2012-12-21T18:59:29Z DEBUG Search DNS for TXT record of _kerberos.testrelm.com. 2012-12-21T18:59:29Z DEBUG DNS record found: DNSResult::name:_kerberos.testrelm .com.,type:16,class:1,rdata={data:RALEIGHREALM} 2012-12-21T18:59:29Z DEBUG Search DNS for SRV record of _kerberos._udp.raleighrealm. 2012-12-21T18:59:30Z DEBUG No DNS record found 2012-12-21T18:59:30Z DEBUG SRV record for KDC not found! Realm: RALEIGHREALM, SRV record: _kerberos.testrelm.com.
attachment freeipa-mkosek-345-kerberos-srv-record-crash.patch
Patch freeipa-mkosek-345-kerberos-srv-record-crash.patch sent for review
master: cbb12c7[[BR]] ipa-3-1: b6c81f2[[BR]] ipa-3-0: 5e831f1
Metadata Update from @dpal: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 3.0.2
Login to comment on this ticket.