Hello, I am new to this community and have a FreeIPA server install that is trusted to AD using AD dns.
I am having problems getting my clients to work properly. Everything seems to install properly the first time i try it but i get the following logs after that: (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_cli_connect_recv] (0x0040): Unable to establish connection [1432158225]: Authentication Failed (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [_be_fo_set_port_status] (0x8000): Setting status: PORT_NOT_WORKING. Called from: src/providers/ldap/sdap_async_connection.c: sdap_cli_connect_recv: 2048 (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [fo_set_port_status] (0x0100): Marking port 0 of server 'homeipa01.brad.local' as 'not working' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [fo_set_port_status] (0x0400): Marking port 0 of duplicate server 'homeipa01.brad.local' as 'not working' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_handle_release] (0x2000): Trace: sh[0x7efdeeccb150], connected[1], ops[(nil)], ldap[0x7efdeecf6730], destructor_lock[0], release_memory[0] (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [remove_connection_callback] (0x4000): Successfully removed connection callback. (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_done] (0x4000): attempting failover retry on op #1 (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_step] (0x4000): beginning to connect (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [get_server_status] (0x1000): Status of server 'homeipa01.brad.local' is 'name resolved' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [get_port_status] (0x1000): Port status of port 389 for server 'homeipa01.brad.local' is 'not working' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [get_server_status] (0x1000): Status of server 'homeipa01.brad.local' is 'name resolved' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [get_port_status] (0x1000): Port status of port 0 for server 'homeipa01.brad.local' is 'not working' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [fo_resolve_service_send] (0x0020): No available servers for service 'IPA' (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_done] (0x4000): attempting failover retry on op #2 (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_step] (0x4000): waiting for connection to complete (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_release_conn_data] (0x4000): releasing unused connection (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_resolve_server_done] (0x1000): Server resolution failed: [5]: Input/output error (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error]) (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_mark_offline] (0x2000): Going offline! (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_mark_offline] (0x2000): Enable check_if_online_ptask. (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_enable] (0x0400): Task [Check if online (periodic)]: enabling task (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_schedule] (0x0400): Task [Check if online (periodic)]: scheduling task 73 seconds from now [1490682941] (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks. (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_done] (0x4000): notify offline to op #1 (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [ipa_subdomains_refresh_connect_done] (0x0020): Unable to connect to LDAP [11]: Resource temporarily unavailable (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [ipa_subdomains_refresh_connect_done] (0x0080): No IPA server is available, cannot get the subdomain list while offline (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_done] (0x0040): Task [Subdomains Refresh]: failed with [1432158212]: SSSD is offline (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_schedule] (0x0400): Task [Subdomains Refresh]: scheduling task 14400 seconds from now [1490697268] (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_op_connect_done] (0x4000): notify offline to op #2 (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [ipa_sudo_refresh_connect_done] (0x0020): SUDO LDAP connection failed [11]: Resource temporarily unavailable (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_done] (0x0040): Task [SUDO Full Refresh]: failed with [11]: Resource temporarily unavailable (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_schedule] (0x0400): Task [SUDO Full Refresh]: scheduling task 21600 seconds from now [1490704468] (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [sdap_id_release_conn_data] (0x4000): releasing unused connection (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [delayed_online_authentication_callback] (0x0200): Backend is online, starting delayed online authentication. (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_disable] (0x0400): Task [Subdomains Refresh]: disabling task (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_disable] (0x0400): Task [SUDO Smart Refresh]: disabling task (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [be_ptask_disable] (0x0400): Task [SUDO Full Refresh]: disabling task (Tue Mar 28 02:34:28 2017) [sssd[be[ipa.brad.local]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.IPA.BRAD.LOCAL], [2][No such file or directory] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_ptask_execute] (0x0400): Back end is offline (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_ptask_execute] (0x0400): Task [Check if online (periodic)]: executing task, timeout 60 seconds (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_run_unconditional_online_cb] (0x4000): List of unconditional online callbacks is empty, nothing to do. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [check_if_online] (0x2000): Trying to go back online! (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_reset_services] (0x1000): Resetting all servers in all services (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_srv_data_status] (0x0100): Marking SRV lookup of service 'IPA' as 'neutral' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_server_common_status] (0x0100): Marking server 'homeipa01.brad.local' as 'name not resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'homeipa01.brad.local' as 'neutral' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_set_port_status] (0x0400): Marking port 389 of duplicate server 'homeipa01.brad.local' as 'neutral' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_server_common_status] (0x0100): Marking server 'homeipa01.brad.local' as 'name not resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_set_port_status] (0x0100): Marking port 0 of server 'homeipa01.brad.local' as 'neutral' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_set_port_status] (0x0400): Marking port 0 of duplicate server 'homeipa01.brad.local' as 'neutral' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [dp_attach_req] (0x0400): DP Request [Online Check #8]: New request. Flags [0000]. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [get_server_status] (0x1000): Status of server 'homeipa01.brad.local' is 'name not resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [get_port_status] (0x1000): Port status of port 389 for server 'homeipa01.brad.local' is 'neutral' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_resolve_service_activate_timeout] (0x2000): Resolve timeout set to 6 seconds (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolve_srv_send] (0x0200): The status of SRV lookup is neutral (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [collapse_srv_lookup] (0x0100): Need to refresh SRV lookup for domain ipa.brad.local (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'ldap'. Will use DNS discovery domain 'ipa.brad.local' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._tcp.ipa.brad.local' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_ptask_done] (0x0400): Task [Check if online (periodic)]: finished successfully (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_ptask_schedule] (0x0400): Task [Check if online (periodic)]: scheduling task 67 seconds from last execution time [1490683008] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [schedule_request_timeout] (0x2000): Scheduling a timeout of 6 seconds (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [schedule_timeout_watcher] (0x2000): Scheduling DNS timeout watcher (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [unschedule_timeout_watcher] (0x4000): Unscheduling DNS timeout watcher (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_getsrv_done] (0x1000): Using TTL [3600] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_discover_srv_done] (0x0400): Got 1 servers (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_add_server_to_list] (0x0400): Inserted primary server 'homeipa01.brad.local:389' to service 'IPA' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_srv_data_status] (0x0100): Marking SRV lookup of service 'IPA' as 'resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [get_server_status] (0x1000): Status of server 'homeipa01.brad.local' is 'name not resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_is_address] (0x4000): [homeipa01.brad.local] does not look like an IP address (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_step] (0x2000): Querying files (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'homeipa01.brad.local' in files (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_server_common_status] (0x0100): Marking server 'homeipa01.brad.local' as 'resolving name' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_step] (0x2000): Querying files (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'homeipa01.brad.local' in files (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_next] (0x0200): No more address families to retry (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_step] (0x2000): Querying DNS (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'homeipa01.brad.local' in DNS (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [schedule_request_timeout] (0x2000): Scheduling a timeout of 6 seconds (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [schedule_timeout_watcher] (0x2000): Scheduling DNS timeout watcher (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [unschedule_timeout_watcher] (0x4000): Unscheduling DNS timeout watcher (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolv_gethostbyname_dns_parse] (0x1000): Parsing an A reply (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_server_common_status] (0x0100): Marking server 'homeipa01.brad.local' as 'name resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_resolve_server_process] (0x1000): Saving the first resolved server (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_resolve_server_process] (0x0200): Found address for server homeipa01.brad.local: [11.10.10.17] TTL 3600 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [ipa_resolve_callback] (0x0400): Constructed uri 'ldap://homeipa01.brad.local' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [unique_filename_destructor] (0x2000): Unlinking [/var/lib/sss/pubconf/.krb5info_dummy_ir439Z] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [unlink_dbg] (0x2000): File already removed: [/var/lib/sss/pubconf/.krb5info_dummy_ir439Z] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sssd_async_socket_init_send] (0x4000): Using file descriptor [21] for the connection. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout for connecting (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_ldap_connect_callback_add] (0x1000): New LDAP connection to [ldap://homeipa01.brad.local:389/??base] with fd [21]. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_rootdse_send] (0x4000): Getting rootdse (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_print_server] (0x2000): Searching 11.10.10.17:389 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][]. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [*] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [altServer] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [namingContexts] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedControl] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedExtension] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedFeatures] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedLDAPVersion] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedSASLMechanisms] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [domainControllerFunctionality] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [defaultNamingContext] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [lastUSN] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [highestCommittedUSN] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 1 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_op_add] (0x2000): New operation 1 timeout 6 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_process_result] (0x2000): Trace: sh[0x7efdeecce630], connected[1], ops[0x7efdeecff7a0], ldap[0x7efdeecae060] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_ENTRY] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_entry] (0x1000): OriginalDN: []. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [objectClass] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [vendorName] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [vendorVersion] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [dataversion] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [netscapemdsuffix] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [changeLog] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [firstchangenumber] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [lastchangenumber] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [ipatopologypluginversion] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [ipatopologyismanaged] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [ipaDomainLevel] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [namingContexts] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedControl] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedExtension] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedFeatures] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedLDAPVersion] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedSASLMechanisms] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [defaultNamingContext] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_parse_range] (0x2000): No sub-attributes for [lastUSN] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_process_result] (0x2000): Trace: sh[0x7efdeecce630], connected[1], ops[0x7efdeecff7a0], ldap[0x7efdeecae060] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_RESULT] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_op_destructor] (0x2000): Operation 1 finished (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_rootdse_done] (0x2000): Got rootdse (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_rootdse_done] (0x2000): Skipping auto-detection of match rule (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_server_opts_from_rootdse] (0x4000): USN value: 26095 (int: 26095) (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_kinit_send] (0x0400): Attempting kinit (default, host/bradltest01.brad.local, IPA.BRAD.LOCAL, 86400) (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_kinit_next_kdc] (0x1000): Resolving next KDC for service IPA (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [get_server_status] (0x1000): Status of server 'homeipa01.brad.local' is 'name resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [fo_resolve_service_activate_timeout] (0x2000): Resolve timeout set to 6 seconds (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [get_server_status] (0x1000): Status of server 'homeipa01.brad.local' is 'name resolved' (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_resolve_server_process] (0x1000): Saving the first resolved server (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [be_resolve_server_process] (0x0200): Found address for server homeipa01.brad.local: [11.10.10.17] TTL 3600 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_kinit_kdc_resolved] (0x1000): KDC resolved, attempting to get TGT... (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [create_tgt_req_send_buffer] (0x0400): buffer size: 65 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [child_handler_setup] (0x2000): Setting up signal handler up for pid [11463] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [child_handler_setup] (0x2000): Signal handler set up for pid [11463] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_process_result] (0x2000): Trace: sh[0x7efdeecce630], connected[1], ops[(nil)], ldap[0x7efdeecae060] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_process_result] (0x2000): Trace: end of ldap_result list (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [child_sig_handler] (0x1000): Waiting for child [11463]. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [child_sig_handler] (0x0100): child [11463] finished successfully. (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/ccache_IPA.BRAD.LOCAL], expired on [1490769341] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sdap_cli_auth_step] (0x1000): the connection will expire at 1490683841 (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: GSSAPI, user: host/bradltest01.brad.local (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error] (Tue Mar 28 02:35:41 2017) [sssd[be[ipa.brad.local]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server krbtgt/brad.lo...@ipa.brad.LOCAL not found in Kerberos database)] If i uninstall and try to install again i get the following error: /usr/sbin/ipa-client-install was invoked with options: {'domain': 'ipa.brad.local', 'force': False, 'krb5_offline_passwords': True, 'ip_addresses': [], 'configure_firefox': False, 'primary': False, 'realm_name': None, 'force_ntpd': False, 'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': False, 'on_master': False, 'no_nisdomain': False, 'nisdomain': None, 'ca_cert_file': None, 'principal': 'admin', 'keytab': None, 'hostname': None, 'request_cert': False, 'trust_sshfp': True, 'no_ac': False, 'unattended': None, 'all_ip_addresses': False, 'location': None, 'sssd': True, 'ntp_servers': None, 'kinit_attempts': 5, 'dns_updates': False, 'conf_sudo': True, 'conf_ssh': True, 'force_join': False, 'firefox_dir': None, 'server': None, 'prompt_password': False, 'permit': True, 'debug': True, 'preserve_sssd': False, 'mkhomedir': False, 'uninstall': False} missing options might be asked for interactively later IPA version 4.4.0-14.el7.centos.6 [IPA Discovery] Starting IPA discovery with domain=ipa.brad.local, servers=None, hostname=bradltest01.brad.local Search for LDAP SRV record in ipa.brad.local Search DNS for SRV record of _ldap._tcp.ipa.brad.local DNS record found: 0 100 389 homeipa01.brad.local. [Kerberos realm search] Search DNS for TXT record of _kerberos.ipa.brad.local DNS record not found: NXDOMAIN Search DNS for SRV record of _kerberos._udp.ipa.brad.local DNS record found: 0 100 88 homeipa01.brad.local. [LDAP server check] Verifying that homeipa01.brad.local (realm None) is an IPA server Init LDAP connection to: homeipa01.brad.local Search LDAP server for IPA base DN Check if naming context 'dc=ipa,dc=brad,dc=local' is for IPA Naming context 'dc=ipa,dc=brad,dc=local' is a valid IPA context Search for (objectClass=krbRealmContainer) in dc=ipa,dc=brad,dc=local (sub) Found: cn=IPA.BRAD.LOCAL,cn=kerberos,dc=ipa,dc=brad,dc=local Discovery result: Success; server=homeipa01.brad.local, domain=ipa.brad.local, kdc=homeipa01.brad.local, basedn=dc=ipa,dc=brad,dc=local Validated servers: homeipa01.brad.local will use discovered domain: ipa.brad.local Start searching for LDAP SRV record in "ipa.brad.local" (Validating DNS Discovery) and its sub-domains Search DNS for SRV record of _ldap._tcp.ipa.brad.local DNS record found: 0 100 389 homeipa01.brad.local. DNS validated, enabling discovery will use discovered server: homeipa01.brad.local Discovery was successful! will use discovered realm: IPA.BRAD.LOCAL will use discovered basedn: dc=ipa,dc=brad,dc=local Client hostname: bradltest01.brad.local Hostname source: Machine's FQDN Realm: IPA.BRAD.LOCAL Realm source: Discovered from LDAP DNS records in homeipa01.brad.local DNS Domain: ipa.brad.local DNS Domain source: Discovered LDAP SRV records from ipa.brad.local IPA Server: homeipa01.brad.local IPA Server source: Discovered from LDAP DNS records in homeipa01.brad.local BaseDN: dc=ipa,dc=brad,dc=local BaseDN source: From IPA server ldap://homeipa01.brad.local:389 Continue to configure the system with these values? [no]: yes Starting external process args=/usr/sbin/ipa-rmkeytab -k /etc/krb5.keytab -r IPA.BRAD.LOCAL Process finished, return code=5 stdout= stderr=realm not found Skipping synchronizing time with NTP server. Starting external process args=keyctl get_persistent @s 0 Process finished, return code=0 stdout=104729494 stderr= Enabling persistent keyring CCACHE Writing Kerberos configuration to /tmp/tmpsd7Fyb: #File modified by ipa-client-install includedir /etc/krb5.conf.d/ includedir /var/lib/sss/pubconf/krb5.include.d/ [libdefaults] default_realm = IPA.BRAD.LOCAL dns_lookup_realm = false dns_lookup_kdc = false rdns = false ticket_lifetime = 24h forwardable = true udp_preference_limit = 0 default_ccache_name = KEYRING:persistent:%{uid} [realms] IPA.BRAD.LOCAL = { kdc = homeipa01.brad.local:88 master_kdc = homeipa01.brad.local:88 admin_server = homeipa01.brad.local:749 kpasswd_server = homeipa01.brad.local:464 default_domain = ipa.brad.local pkinit_anchors = FILE:/etc/ipa/ca.crt } [domain_realm] .ipa.brad.local = IPA.BRAD.LOCAL ipa.brad.local = IPA.BRAD.LOCAL bradltest01.brad.local = IPA.BRAD.LOCAL .brad.local = IPA.BRAD.LOCAL brad.local = IPA.BRAD.LOCAL Initializing principal ad...@ipa.brad.LOCAL using password Starting external process args=/usr/bin/kinit ad...@ipa.brad.LOCAL -c /tmp/krbccfpGaQu/ccache Process finished, return code=0 stdout=Password for ad...@ipa.brad.LOCAL: stderr= trying to retrieve CA cert via LDAP from homeipa01.brad.local get_ca_certs_from_ldap() error: Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server krbtgt/brad.lo...@ipa.brad.LOCAL not found in Kerberos database) Insufficient access: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server krbtgt/brad.lo...@ipa.brad.LOCAL not found in Kerberos database) Unable to download CA cert from LDAP. Do you want to download the CA cert from http://homeipa01.brad.local/ipa/config/ca.crt? (this is INSECURE) [no]: yes Downloading the CA certificate via HTTP, this is INSECURE trying to retrieve CA cert via HTTP from http://homeipa01.brad.local/ipa/config/ca.crt Starting external process args=/usr/bin/curl -o - http://homeipa01.brad.local/ipa/config/ca.crt Process finished, return code=0 stdout=-----BEGIN CERTIFICATE----- MIIFazCCA1OgAwIBAgIQYau2KCRYq5hGa+sV/gII8zANBgkqhkiG9w0BAQUFADBI MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxFDASBgoJkiaJk/IsZAEZFgRicmFkMRkw FwYDVQQDExBicmFkLUhPTUVDQTAxLUNBMB4XDTE3MDEyMTAwMTAzOVoXDTIyMDEy MTAwMjAzOFowSDEVMBMGCgmSJomT8ixkARkWBWxvY2FsMRQwEgYKCZImiZPyLGQB GRYEYnJhZDEZMBcGA1UEAxMQYnJhZC1IT01FQ0EwMS1DQTCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBAJ8vxTTGRThnp8sYvOPNMs6t/PtfP/Bd5W0JYT/4 zpFE1pL6zHQ7BlyVyxVKg91YaYy/HgLoFQ6FfIaI15SWre5GSGmlZwR3NgRu0PCx EoCOBisSMCiIrSTAPJV745d7hArlPi9faeKpqaBSmsu3OE5uDdSqy2FiNCfUNmv+ oEJHqIk16eg+MvMCMHeOk/7fWrCC3hG+Maalo9u62cyo/xJ+EQa1YSfllPxgGE3r AV/+jKo3vq2LV6sEEYtoNOnTeGxwixhaC6p2Qxq2DD4IYmRPerz8FQiJiWDEuIyL L8jRiF2tKW2CF2OLreVxBSQ56NT5NyPDz2qsnV6Kz9PPaG+NFznG7FFNNaZ9nSaX YqiyHhhIuTdE8LIr7fBbLhW2aYT4Mrj4xRiuzpaAxCn9zoDIgk95XsSpjP/upG2n B2RzwmY/vAigE7XsR3Qr4HNuUQUfqJj+M+lp+OmLiQhXKDEqnM8YAPnJv/TTUlKL Q8dABrL/nAsm7hbIz1CBHQGIU9ScGDgi1xmxGV5VfOd70OqJN1U2TbwL+oHh8kSw 6hBkYniUqHFfedBWTYwjMDUlh2fXco9VDJFV9I8CDUSXi+l6MYuwYYN8xZjEAFj1 bCib7vLrCj6W2rDjzuRF+AJF3nWF/WekyoPk+Y9NI27EgcR587GlFvSA0Iiy38Hk sROtAgMBAAGjUTBPMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud DgQWBBQQ1Sn0uCerKAA+WfPUL0Y6fJ6OxDAQBgkrBgEEAYI3FQEEAwIBADANBgkq hkiG9w0BAQUFAAOCAgEActCFolsyfeyp0AzspbmIiqb7q3/wId/arbX+TsKeR+Pd 8nrUuSTaCASnbjRi069uZ/+CYeZDWuUqnUeOcmsX5iRsdwHztf5F5ON5Qlhsat2y RQyclB8yC52Yv+opCxU5kWgL/j8S0uDfm/XIhIAMwtBim22Wvt/2b82ceWGNdmd5 /PReO7tNO7pDVyAd5Ltren8hIOxfAGNztU/oKz3ph36qKyNYL3lA3UYVMMFKLn4o HzJjObISHBJfS+n+T0yntSMevt/yjbg5a/0t8I63IvsZlMqFJJakZ+Vxr4amtHHS CsS5eGIAvTzTsU5uQ9H59WFbKlUsH39uSESKIvtE5RnPZmfyIxuD+Ol+l9qcikEL E3hp3LoPNx/t75oR+NkMwfBt4pYB0goeYiEt7T0OJKPSlrq3fY2iJW4X0zcaRrFX 1Dm5pZv3KOUcn7vIjATMui6KfNWgmnIUNX2t0mIfwJ84NQhNRvuePgNn1449mUpo DCNgWbhofQD2uLWX0HPQJmrBf0xOlLAMpubVVgVCVp+2qUVWDBq+HkjsqZRphnHk xXE2k8Ze/SUtHzP1DafThtP28991GY70aboIbls7MrZvOGaT5IlCKk65BTqT66/W DYznMTU0p1BAPritw7yBQVQXWh1EBAbT0Zz+fGIzBcxoeGV44tXpWpLZwcwhJo8= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIGvjCCBKagAwIBAgITHQAAAAnwrIVvC23kXwAAAAAACTANBgkqhkiG9w0BAQUF ADBIMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxFDASBgoJkiaJk/IsZAEZFgRicmFk MRkwFwYDVQQDExBicmFkLUhPTUVDQTAxLUNBMB4XDTE3MDMyNTIwNDUzN1oXDTE5 MDMyNTIwNTUzN1owOTEXMBUGA1UEChMOSVBBLkJSQUQuTE9DQUwxHjAcBgNVBAMT FUNlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAKAZxtb8lGt3TPxT2hMY1u+tWb8nMDdewoVcpKh3ejvEN16cnpyb8BM+ nr+pjmtANHZ70X9rhyJI7K4lnYgeurE4+ORt1HBRsBqbYMu3NYRCU6R9mlKtJMbg S6wja3Vp3HmlWhv8eU9g+AH+CALQ5hlJJJTIifUcX79B3ZJdlUSdnWnRkVi48h5P Min9Ek3IAy8JBfPSzzZQkfPBd0iBqvg887Di1wS8QkOaIP1lz0GkxDEbLBbVyXKE PndEIhiSDjMitv3cSuLzdortajSUPGkchsX01DCQQWkj5LLY/uSrq35p/HF55mbA 6o/I4fTNWNe0aXTS0GGdCO8tLljbGfUCAwEAAaOCAq4wggKqMBkGCSsGAQQBgjcU AgQMHgoAUwB1AGIAQwBBMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGG MB0GA1UdDgQWBBRAxpShbiY7S1phNzVlNnpYo/4DGDAfBgNVHSMEGDAWgBQQ1Sn0 uCerKAA+WfPUL0Y6fJ6OxDCCAQkGA1UdHwSCAQAwgf0wgfqggfeggfSGgbdsZGFw Oi8vL0NOPWJyYWQtSE9NRUNBMDEtQ0EsQ049aG9tZWNhMDEsQ049Q0RQLENOPVB1 YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRp b24sREM9YnJhZCxEQz1sb2NhbD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jh c2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGOGh0dHA6Ly9ob21l Y2EwMS5icmFkLmxvY2FsL0NlcnREYXRhL2JyYWQtSE9NRUNBMDEtQ0EuY3JsMIIB HQYIKwYBBQUHAQEEggEPMIIBCzCBrgYIKwYBBQUHMAKGgaFsZGFwOi8vL0NOPWJy YWQtSE9NRUNBMDEtQ0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2Vz LENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9YnJhZCxEQz1sb2NhbD9j QUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlvbkF1dGhv cml0eTBYBggrBgEFBQcwAoZMaHR0cDovL2hvbWVjYTAxLmJyYWQubG9jYWwvQ2Vy dERhdGEvaG9tZWNhMDEuYnJhZC5sb2NhbF9icmFkLUhPTUVDQTAxLUNBLmNydDAN BgkqhkiG9w0BAQUFAAOCAgEANfSlBa5FmsEt6bx4lbPP6EJ2OvKLq8K5SVvrLosa JpiFx6qdN33JeSyKsyRKyfbK6Pigolj9cCZuBpyGdyD64cd7HSPwjH1FFRNbYDCc CvCgpAgRHYejPmuVemp1bRb05ZS8EFsJz18UWRyO4U9GJIXArGJ7ZWumzsfndtm1 qAolNCMusweMytboWt/gjO5FFUn4B7Z8Q+EEi9SxOBGoyHNzZS7ZsBxpq4zvG+oh bBq3QH00lOnfPGlY9M8mYCBkDBsw/6Pp+3ffOOqlCM4ncdBmrsZyiJYprb+zsEKM 1K8H2+l7DNl/f818LG0AUYXM++lKjn5HOq9dvHGCRwngGtn16W6ujxYaiALB5Gxl sQMs5JggGV48cAEjDpxtK5+WZUe1Kpas32sgKr3vCfSTham9/KbOxXiBq2T19h6h /tZUxv7t75EncTYc2KR8/Dd7VvrIbctPatUJvN83yIWnLgzJIWskCN8LRQbD7T3y 9EjdG/7Nv+WDfo7SBeXxtJbcXOHFW4C3CcQTZAsGxfzSHl1WknowtmifoM4tdq0o GPa5+D3p/fmJNz6yhdzTjPRVngwTMJIK2dXTeSQfSKDCHQHp4GHQN0L3eYTmBR0z pjEX1C56uFr4hMSd49cQKMW2FXUld3QIKrpo6SMso8myGe6C52If8BjAhsXGBv1V gr8= -----END CERTIFICATE----- stderr= % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 4402 100 4402 0 0 597k 0 --:--:-- --:--:-- --:--:-- 614k Successfully retrieved CA cert Subject: CN=brad-HOMECA01-CA,DC=brad,DC=local Issuer: CN=brad-HOMECA01-CA,DC=brad,DC=local Valid From: Sat Jan 21 00:10:39 2017 UTC Valid Until: Fri Jan 21 00:20:38 2022 UTC Subject: CN=Certificate Authority,O=IPA.BRAD.LOCAL Issuer: CN=brad-HOMECA01-CA,DC=brad,DC=local Valid From: Sat Mar 25 20:45:37 2017 UTC Valid Until: Mon Mar 25 20:55:37 2019 UTC Starting external process args=/usr/sbin/ipa-join -s homeipa01.brad.local -b dc=ipa,dc=brad,dc=local -h bradltest01.brad.local -d Process finished, return code=17 stdout= stderr=XML-RPC CALL: <?xml version="1.0" encoding="UTF-8"?>\r\n <methodCall>\r\n <methodName>join</methodName>\r\n <params>\r\n <param><value><array><data>\r\n <value><string>bradltest01.brad.local</string></value>\r\n </data></array></value></param>\r\n <param><value><struct>\r\n <member><name>nsosversion</name>\r\n <value><string>3.10.0-514.6.1.el7.x86_64</string></value></member>\r\n <member><name>nshardwareplatform</name>\r\n <value><string>x86_64</string></value></member>\r\n </struct></value></param>\r\n </params>\r\n </methodCall>\r\n * About to connect() to homeipa01.brad.local port 443 (#0) * Trying 11.10.10.17... * Connected to homeipa01.brad.local (11.10.10.17) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/ipa/ca.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * Server certificate: * subject: CN=homeipa01.brad.local,O=IPA.BRAD.LOCAL * start date: Mar 25 21:13:09 2017 GMT * expire date: Mar 25 20:55:37 2019 GMT * common name: homeipa01.brad.local * issuer: CN=Certificate Authority,O=IPA.BRAD.LOCAL > POST /ipa/xml HTTP/1.1 Host: homeipa01.brad.local Accept: */* Content-Type: text/xml User-Agent: ipa-join/4.4.0 Referer: https://homeipa01.brad.local/ipa/xml X-Original-User-Agent: Xmlrpc-c/1.32.5 Curl/7.29.0 Content-Length: 482 * upload completely sent off: 482 out of 482 bytes < HTTP/1.1 401 Unauthorized < Date: Tue, 28 Mar 2017 12:57:48 GMT < Server: Apache/2.4.6 (CentOS) mod_auth_gssapi/1.4.0 mod_nss/1.0.14 NSS/3.21 Basic ECC mod_wsgi/3.4 Python/2.7.5 * gss_init_sec_context() failed: : Server krbtgt/brad.lo...@ipa.brad.LOCAL not found in Kerberos database < WWW-Authenticate: Negotiate < X-Frame-Options: DENY < Content-Security-Policy: frame-ancestors 'none' < Last-Modified: Fri, 03 Mar 2017 00:56:04 GMT < Accept-Ranges: bytes < Content-Length: 1474 < Content-Type: text/html; charset=UTF-8 < * Connection #0 to host homeipa01.brad.local left intact HTTP response code is 401, not 200 Joining realm failed: XML-RPC CALL: <?xml version="1.0" encoding="UTF-8"?>\r\n <methodCall>\r\n <methodName>join</methodName>\r\n <params>\r\n <param><value><array><data>\r\n <value><string>bradltest01.brad.local</string></value>\r\n </data></array></value></param>\r\n <param><value><struct>\r\n <member><name>nsosversion</name>\r\n <value><string>3.10.0-514.6.1.el7.x86_64</string></value></member>\r\n <member><name>nshardwareplatform</name>\r\n <value><string>x86_64</string></value></member>\r\n </struct></value></param>\r\n </params>\r\n </methodCall>\r\n * About to connect() to homeipa01.brad.local port 443 (#0) * Trying 11.10.10.17... * Connected to homeipa01.brad.local (11.10.10.17) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/ipa/ca.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * Server certificate: * subject: CN=homeipa01.brad.local,O=IPA.BRAD.LOCAL * start date: Mar 25 21:13:09 2017 GMT * expire date: Mar 25 20:55:37 2019 GMT * common name: homeipa01.brad.local * issuer: CN=Certificate Authority,O=IPA.BRAD.LOCAL > POST /ipa/xml HTTP/1.1 Host: homeipa01.brad.local Accept: */* Content-Type: text/xml User-Agent: ipa-join/4.4.0 Referer: https://homeipa01.brad.local/ipa/xml X-Original-User-Agent: Xmlrpc-c/1.32.5 Curl/7.29.0 Content-Length: 482 * upload completely sent off: 482 out of 482 bytes < HTTP/1.1 401 Unauthorized < Date: Tue, 28 Mar 2017 12:57:48 GMT < Server: Apache/2.4.6 (CentOS) mod_auth_gssapi/1.4.0 mod_nss/1.0.14 NSS/3.21 Basic ECC mod_wsgi/3.4 Python/2.7.5 * gss_init_sec_context() failed: : Server krbtgt/brad.lo...@ipa.brad.LOCAL not found in Kerberos database < WWW-Authenticate: Negotiate < X-Frame-Options: DENY < Content-Security-Policy: frame-ancestors 'none' < Last-Modified: Fri, 03 Mar 2017 00:56:04 GMT < Accept-Ranges: bytes < Content-Length: 1474 < Content-Type: text/html; charset=UTF-8 < * Connection #0 to host homeipa01.brad.local left intact HTTP response code is 401, not 200 Installation failed. Rolling back changes. IPA client is not configured on this system. Kinda at loss on what to try next and where to look so any direction would be much appreciated. Thank you, Bradley Bishop
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
