IPA client install fails when domain/realm are changed #37
Comments
|
Hi Joseph, |
|
@robruma yes. Both deactivate and clean have failed us. |
|
Did you ever find a solution to this problem? When I'm setting up a replica I'm getting a similar error message. When commenting out all the lines in masterprincipal.pp that depend on the exported resource, I get the error message @jyaworski posted instead.
|
|
I figured this out, its due to exported resources as suspected. If you have multiple environments or end up having multiple servers set up as the master server and the configs are sent to puppetdb, when the catalog for a replica is compiled, it will pull in all the tags for the exported resource, regardless of the server name and regardless of the environment. An example is if you have two servers named 'ipa-master.example.com' and 'ipa-master-testing.example.com' and configure them both as masters for the domain/realm 'example.com'. They will both export a resource named 'ipa-master-principal-example.com'. When a replica is created, it will find two tags for 'ipa-master-principal-example.com', hence the error messages about duplicates. The solution was to delete everything except the one master from puppetdb. https://tickets.puppetlabs.com/browse/PUP-2217 and https://tickets.puppetlabs.com/browse/PUP-1078 are related. |
Hello:
We had an existing domain and realm for a machine, and then changed it. It looks like we're being hit by this bug:
https://tickets.puppetlabs.com/browse/PDB-134
I suspect it has something to do with the exported resources used by this module.
Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Exec[client-install-r1.domain] is already declared in file /etc/puppet/environments/development/modules/ipa/manifests/clientinstall.pp:44; cannot redeclare at /etc/puppet/environments/development/modules/ipa/manifests/clientinstall.pp:44 on node r1.domainThe text was updated successfully, but these errors were encountered: