During reinstalling the spa client as a part of migrating the host/client from Free IPA to RHEL7 IdM
Client is - CentOS 6.6
IdM is - FreeIPA, version: 4.6.4
Cause of the issue: Looks like this is a bug.
Details:
The host had old ldap configuration and old /etc/ipa/ca.crt was forcing ipa-client-install script to use cert as there was remnant configuration hanging around. But after running below command the spa client install went fine.
mv /etc/ipa/ca.crt /etc/ipa/ca.crt.Orig
As per RHEL7 - ipa-client-install --uninstall do not remove DNS entries from IPA server.
But in this case this was not applicable as the issue was totally client side one as it was using openldap server for authentication and authorization!
[root@idm-client ~]# ipa-client-install --enable-dns-updates --domain
Discovery was successful!
Happy Linux!
No comments:
Post a Comment