Dmitry Krasov via FreeIPA-users wrote:
Centos 9 ipa-client install error:
Failed to obtain host TGT: Major (458752): No credentials were supplied, or the
credentials were unavailable or inaccessible, Minor (2529639122): Pre-authentication
failed: No key table entry found for host/ipaclient.dom.loc(a)DOM.LOC
----------------------------------------------
This program will set up IPA client.
Version 4.11.0
Client hostname: ipaclient.dom.loc
Realm: DOM.LOC
DNS Domain: dom.loc
IPA Server: ipa.dom.loc
BaseDN: dc=dom,dc=loc
Synchronizing time
Configuration of chrony was changed by installer.
Attempting to sync time with chronyc.
Time synchronization was successful.
Successfully retrieved CA cert
Subject: CN=Certificate Authority,O=DOM.LOC
Issuer: CN=Certificate Authority,O=DOM.LOC
Valid From: 2022-12-12 10:19:12+00:00
Valid Until: 2042-12-12 10:19:12+00:00
Enrolled in IPA realm DOM.LOC
Please make sure the following ports are opened in the firewall settings:
TCP: 80, 88, 389
UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
Also note that following ports are necessary for ipa-client working properly after
enrollment:
TCP: 464
UDP: 464, 123 (if NTP enabled)
Failed to obtain host TGT: Major (458752): No credentials were supplied, or the
credentials were unavailable or inaccessible, Minor (2529639122): Pre-authentication
failed: No key table entry found for host/ipaclient.dom.loc(a)DOM.LOC
Installation failed. Rolling back changes.
Disabling client Kerberos and LDAP configurations
Restoring client configuration files
nscd daemon is not installed, skip configuration
nslcd daemon is not installed, skip configuration
Client uninstall complete.
We need to see /var/log/ipaclient-install.log to be able to tell what is
going on.
Did you confirm that the mentioned ports are open to the client?
rob