Re: can't log in if pxe install was by another tjener

To: debian-edu <debian-edu@lists.debian.org>
Subject: Re: can't log in if pxe install was by another tjener
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sun, 25 Aug 2013 20:46:46 +0200
Message-id: <[🔎] 2flmwo5txpl.fsf@diskless.uio.no>
In-reply-to: <[🔎] CADLSRd55KgbbaM2RFTjRv61NWL9=cdkteBDuM2upPHVApZGuWA@mail.gmail.com>
References: <[🔎] CADLSRd55KgbbaM2RFTjRv61NWL9=cdkteBDuM2upPHVApZGuWA@mail.gmail.com>

[Nigel Barker]
> Hi All,
> 
> I installed some workstations by pxe from my test tjener, and they don't
> work on the new tjener.
> Workstations installed by usb netinst are fine.
> 
> I am just going to go ahead and set them all to re-install, because school
> starts tomorrow (!) but I just wanted to post this for others. Perhaps the
> fix is easy, but if not, then maybe this could save some time for
> someone.

This is know, as designed, and the fix is easy.

At install time, the SSL certificate to the LDAP server is recorded, and
if another server "impersonate" the LDAP server, connections are
rejected.  To fix it, remove /etc/ldap/ssl/ldap-server-pubkey.pem on the
clients and reboot on the new Debian Edu backbone network (or run 
'service fetch-ldap-cert start' on the new network).

-- 
Happy hacking
Petter Reinholdtsen

Reply to:

References:
- can't log in if pxe install was by another tjener
  - From: Nigel Barker <tech@hiroshima-is.ac.jp>

Prev by Date: Re: Some testresults b1 combined server
Next by Date: Groups again
Previous by thread: can't log in if pxe install was by another tjener
Next by thread: Processed: Re: Bug#720718: debian-edu-artwork: FTBFS: delegate failed `"rsvg-convert" -o "%o" "%i"'
Index(es):
- Date
- Thread