On our clients when attempting to run ipa-certupdate we are seeing the following error:
ipa.ipapython.ipaldap.SchemaCache: DEBUG: retrieving schema for SchemaCache url=ldap://ldap2.int.ba.mydomain.local:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x46dc5a8>
ipa.ipaclient.ipa_certupdate.CertUpdate: DEBUG: File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute
return_value = self.run()
File "/usr/lib/python2.7/site-packages/ipaclient/ipa_certupdate.py", line 87, in run
lwcas = api.Command.ca_find()['result']
File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 336, in __getattr__
ipa.ipaclient.ipa_certupdate.CertUpdate: DEBUG: The ipa-certupdate command failed, exception: AttributeError: ca_find
ipa.ipaclient.ipa_certupdate.CertUpdate: ERROR: ca_find
ipa.ipaclient.ipa_certupdate.CertUpdate: ERROR: The ipa-certupdate command failed.
We have recently migrated to using an external CA and that went smoothly other than this. We had not tried prior to that to run this command. So far this is happening on all of the nodes we have tried. It does seem our server version (4.2.0) and client version (4.4.0) are out of sync. Would that be the cause, or is there something else I should be looking at.