Hi
i installed ipa server but when i try to install ipa-client, this error was showed:
Error checking LDAP: Operation error: 000004DC: LdapErr: DSID-0C0907c2, comment: In order to perform this operation a successful bind must be completed on the connection.
it shows FQDN of my windows DNS Server instead of IPA server FQDN. and produced an error that is attached.
Additional info:
i have a windows DNS server.
Log file of ipaclient_intsall.log
2019-08-18T10:00:08Z DEBUG Logging to /var/log/ipaclient-install.log
2019-08-18T10:00:08Z DEBUG ipa-client-install was invoked with arguments [] and options: {'no_dns_sshfp': False, 'force': False, 'verbose': False, 'ip_addresses': None, 'configure_firefox': False, 'realm_name': None, 'force_ntpd': False, 'on_master': False, 'no_nisdomain': False, 'ssh_trust_dns': False, 'principal': None, 'keytab': None, 'no_ntp': False, 'domain_name': None, 'request_cert': False, 'fixed_primary': False, 'no_ac': False, 'no_sudo': False, 'ca_cert_files': None, 'all_ip_addresses': False, 'kinit_attempts': None, 'ntp_servers': None, 'enable_dns_updates': False, 'no_sshd': False, 'no_sssd': False, 'no_krb5_offline_passwords': False, 'servers': None, 'no_ssh': False, 'force_join': False, 'firefox_dir': None, 'unattended': False, 'quiet': False, 'nisdomain': None, 'prompt_password': False, 'host_name': None, 'permit': False, 'automount_location': None, 'preserve_sssd': False, 'mkhomedir': True, 'log_file': None, 'uninstall': False}
2019-08-18T10:00:08Z DEBUG IPA version 4.6.4-10.el7.centos.3
2019-08-18T10:00:08Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
2019-08-18T10:00:08Z DEBUG Starting external process
2019-08-18T10:00:08Z DEBUG args=/usr/sbin/selinuxenabled
2019-08-18T10:00:08Z DEBUG Process finished, return code=0
2019-08-18T10:00:08Z DEBUG stdout=
2019-08-18T10:00:08Z DEBUG stderr=
2019-08-18T10:00:08Z DEBUG Starting external process
2019-08-18T10:00:08Z DEBUG args=/bin/systemctl is-enabled chronyd.service
2019-08-18T10:00:08Z DEBUG Process finished, return code=1
2019-08-18T10:00:08Z DEBUG stdout=disabled
2019-08-18T10:00:08Z DEBUG stderr=
2019-08-18T10:00:08Z DEBUG Starting external process
2019-08-18T10:00:08Z DEBUG args=/bin/systemctl is-active chronyd.service
2019-08-18T10:00:08Z DEBUG Process finished, return code=3
2019-08-18T10:00:08Z DEBUG stdout=inactive
2019-08-18T10:00:08Z DEBUG stderr=
2019-08-18T10:00:08Z DEBUG [IPA Discovery]
2019-08-18T10:00:08Z DEBUG Starting IPA discovery with domain=None, servers=None, hostname=ipacli-irvlt01.shs.dc
2019-08-18T10:00:08Z DEBUG Start searching for LDAP SRV record in "shs.dc" (domain of the hostname) and its sub-domains
2019-08-18T10:00:08Z DEBUG Search DNS for SRV record of _ldap._tcp.shs.dc
2019-08-18T10:00:10Z DEBUG DNS record found: 0 100 389 dc-irvwp02.shs.dc.
2019-08-18T10:00:10Z DEBUG DNS record found: 0 100 389 dc-irvwp01.shs.dc.
2019-08-18T10:00:10Z DEBUG [Kerberos realm search]
2019-08-18T10:00:10Z DEBUG Search DNS for TXT record of _kerberos.shs.dc
2019-08-18T10:00:10Z DEBUG DNS record not found: NXDOMAIN
2019-08-18T10:00:10Z DEBUG Search DNS for SRV record of _kerberos._udp.shs.dc
2019-08-18T10:00:10Z DEBUG DNS record found: 0 100 88 dc-irvwp01.shs.dc.
2019-08-18T10:00:10Z DEBUG DNS record found: 0 100 88 dc-irvwp02.shs.dc.
2019-08-18T10:00:10Z DEBUG [LDAP server check]
2019-08-18T10:00:10Z DEBUG Verifying that dc-irvwp02.shs.dc (realm None) is an IPA server
2019-08-18T10:00:10Z DEBUG Init LDAP connection to: ldap://dc-irvwp02.shs.dc:389
2019-08-18T10:00:10Z DEBUG Search LDAP server for IPA base DN
2019-08-18T10:00:10Z DEBUG Check if naming context 'DC=SHS,DC=DC' is for IPA
2019-08-18T10:00:10Z DEBUG Unhandled LDAPError: OPERATIONS_ERROR: {'info': '000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580', 'desc': 'Operations error'}
2019-08-18T10:00:10Z ERROR Error checking LDAP: Operations error: 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580
2019-08-18T10:00:10Z DEBUG Cannot connect to LDAP server. Check that minssf is not enabled
2019-08-18T10:00:10Z DEBUG Assuming realm is the same as domain: SHS.DC
2019-08-18T10:00:10Z DEBUG Generated basedn from realm: dc=shs,dc=dc
2019-08-18T10:00:10Z DEBUG Discovery result: NO_TLS_LDAP; server=None, domain=shs.dc, kdc=dc-irvwp01.shs.dc,dc-irvwp02.shs.dc, basedn=dc=shs,dc=dc
2019-08-18T10:00:10Z DEBUG Validated servers: dc-irvwp02.shs.dc
2019-08-18T10:00:10Z DEBUG will use discovered domain: shs.dc
2019-08-18T10:00:10Z DEBUG Start searching for LDAP SRV record in "shs.dc" (Validating DNS Discovery) and its sub-domains
2019-08-18T10:00:10Z DEBUG Search DNS for SRV record of _ldap._tcp.shs.dc
2019-08-18T10:00:10Z DEBUG DNS record found: 0 100 389 dc-irvwp01.shs.dc.
2019-08-18T10:00:10Z DEBUG DNS record found: 0 100 389 dc-irvwp02.shs.dc.
2019-08-18T10:00:10Z DEBUG DNS validated, enabling discovery
2019-08-18T10:00:10Z DEBUG will use discovered server: dc-irvwp02.shs.dc
2019-08-18T10:00:10Z INFO Discovery was successful!
2019-08-18T10:00:10Z DEBUG will use discovered realm: SHS.DC
2019-08-18T10:00:10Z DEBUG will use discovered basedn: dc=shs,dc=dc
2019-08-18T10:00:10Z INFO Client hostname: ipacli-irvlt01.shs.dc
2019-08-18T10:00:10Z DEBUG Hostname source: Machine's FQDN
2019-08-18T10:00:10Z INFO Realm: SHS.DC
2019-08-18T10:00:10Z DEBUG Realm source: Assumed same as domain
2019-08-18T10:00:10Z INFO DNS Domain: shs.dc
2019-08-18T10:00:10Z DEBUG DNS Domain source: Discovered LDAP SRV records from shs.dc (domain of the hostname)
2019-08-18T10:00:10Z INFO IPA Server: dc-irvwp02.shs.dc
2019-08-18T10:00:10Z DEBUG IPA Server source: Discovered LDAP SRV records from shs.dc (domain of the hostname)
2019-08-18T10:00:10Z INFO BaseDN: dc=shs,dc=dc
2019-08-18T10:00:10Z DEBUG BaseDN source: Generated from Kerberos realm
2019-08-18T10:00:15Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute
return_value = self.run()
File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 319, in run
return cfgr.run()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in run
self.validate()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 371, in validate
for _nothing in self._validator():
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner
exc_handler(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 458, in _handle_validate_exception
self._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
six.reraise(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner
step()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
six.reraise(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 636, in _configure
next(validator)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434, in __runner
exc_handler(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 458, in _handle_validate_exception
self._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521, in _handle_exception
self.__parent._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
six.reraise(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518, in _handle_exception
super(ComponentBase, self)._handle_exception(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453, in _handle_exception
six.reraise(exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424, in __runner
step()
File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 65, in _install
for unused in self._installer(self.parent):
File "/usr/lib/python2.7/site-packages/ipaclient/install/client.py", line 3630, in main
install_check(self)
File "/usr/lib/python2.7/site-packages/ipaclient/install/client.py", line 2312, in install_check
raise ScriptError(rval=CLIENT_INSTALL_ERROR)
2019-08-18T10:00:15Z DEBUG The ipa-client-install command failed, exception: ScriptError:
2019-08-18T10:00:15Z ERROR The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information