A failed client installation, for example for a bad OTP value, will include a lot of extra, incorrect output on the installation.
Joining realm failed: Incorrect password.
Installation failed. Rolling back changes. Unconfigured automount client failed: CalledProcessError(Command ['/usr/sbin/ipa-client-automount', '--uninstall', '--debug'] returned non-zero exit status 1: '') Disabling client Kerberos and LDAP configurations WARNING: Unable to revert to the pre-installation state ('authconfig' tool has been deprecated in favor of 'authselect'). The default sssd profile will be used instead. The authconfig arguments would have been: authconfig --disableldap --disablekrb5 --disablesssdauth --disablemkhomedir An error occurred while removing SSSD's cache.Please remove the cache manually by executing sssctl cache-remove -o. Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to /etc/sssd/sssd.conf.deleted
The automount error is generated because check_client_configuration() raises a ScriptError with the wrong return value. It sets nothing which defaults to 1. It should be 2 (CLIENT_NOT_CONFIGURED)
The authconfig error is because the system has not gotten far enough to even try enabling authselect so because there is no value in sysrestore it assumes something went sideways.
Metadata Update from @rcritten: - Issue assigned to rcritten - Issue priority set to: normal - Issue set to the milestone: FreeIPA 4.7.2
PR https://github.com/freeipa/freeipa/pull/2446
master:
ipa-4-7:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.