I have configured the realm proxy as per the docs at Foreman :: Manual
I created a freeipa user using foreman-prepare-realm again as set out in the docs, which is created fine. I have triple checked the realm.yml and realm_freeipa.yml to ensure they are correct. I have created the realm in the foreman ui, and all looks good (the “Realm” feature is visible in smart proxies section and shows no failed features).
I would expect newly provisioned hosts to join the configured realm, but I can’t even provision a machine if the realm is set, I get an error as shown below.
The docs suggest chowning the freeipa.keytab file to foreman-proxy. I have tried this, and setting perms to 0666, to no effect.
[ProxyAPI::ProxyException]: Unable to create realm entry ([RestClient::BadRequest]: 400 Bad Request) for proxy