Natxo Asenjo via FreeIPA-users wrote: > so, what do you see in /var/log/ipaclient-install.log?
And does it fail interactively as well? You'll see the login as a BIND to the 389-ds server on your IPA master so look in /var/log/dirsrv/slapd-REALM/access for more information on what happened. It might be useful. rob > > On Sun, Mar 29, 2020 at 9:34 AM Faraz Younus <[email protected] > <mailto:[email protected]>> wrote: > > Yes I double checked password is ok on both sides > > On Sun, Mar 29, 2020 at 12:21 PM Natxo Asenjo via FreeIPA-users > <[email protected] > <mailto:[email protected]>> wrote: > > > > On Sun, Mar 29, 2020 at 8:10 AM Faraz Younus via FreeIPA-users > <[email protected] > <mailto:[email protected]>> wrote: > > Hi Team, > > command: /usr/sbin/ipa-client-install --domain > example.com <http://example.com> --mkhomedir > --password abc123 " --server ipa9.example.com > <http://ipa9.example.com> --unattended > > > e, "cmd": ["/usr/sbin/ipa-client-install", "--domain", > "fixedandmobile.com <http://fixedandmobile.com>", > "--mkhomedir", "--password", "abc123", "--server", > "ipa9.example.com <http://ipa9.example.com>", > "--unattended"], "delta": "0:01:03.451321", "end": > "2020-03-29 05:57:22.013451", "msg": "non-zero return code", > "rc": 1, "start": "2020-03-29 05:56:18.562130", "stderr": > "Hostname: ipacentos.example.com > <http://ipacentos.example.com>\nRealm: EXAMPLE.COM > <http://EXAMPLE.COM>\nDNS Domain: example.com > <http://example.com>\nIPA Server: ipa9.example.com > <http://ipa9.example.com>\nBaseDN: > dc=example,dc=com\nSynchronizing time with KDC...\nUnable to > sync time with IPA NTP server, assuming the time is in sync. > Please check that 123 UDP port is opened.\nOTP case, CA cert > preexisted, use it\nJoining realm failed: Incorrect > password.\n\nInstallation failed. Rolling back changes.\nIPA > client is not configured on this system.", "stderr_lines": > ["Hostname: ipacentos.example.com > <http://ipacentos.example.com>", "Realm:EXAMPLE.COM > <http://EXAMPLE.COM>", "DNS Domain: example.com > <http://example.com>", "IPA Server: ipa9.example.com > <http://ipa9.example.com>", "BaseDN: dc=example,dc=com", > "Synchronizing time with KDC...", "Unable to sync time with > IPA NTP server, assuming the time is in sync. Please check > that 123 UDP port is opened.", "OTP case, CA cert > preexisted, use it", "Joining realm failed: Incorrect > password.", "", "Installation failed. Rolling back > changes.", "IPA client is not configured on this system."], > "stdout": "\u001b[?1034h", "stdout_lines": ["\u001b[?1034h"]} > > > > it does say 'incorrect password', did you check that? > > -- > Groeten, > natxo > _______________________________________________ > FreeIPA-users mailing list -- > [email protected] > <mailto:[email protected]> > To unsubscribe send an email to > [email protected] > <mailto:[email protected]> > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > > https://lists.fedorahosted.org/archives/list/[email protected] > > > > -- > -- > Groeten, > natxo > > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
