我有一个新的RHEL 7.2服务器安装,我想join到AD域。 我已经在AD中预先安装了计算机名称,当按照“ 红帽企业版Linux 7 Windows集成指南”中的说明操作时,会出现以下情况。
我在我的部门使用分割DNS:权威的校园内的DNS服务器正在运行BIND, 不支持dynamic更新,所以我在我的部门运行一对Windows DNS服务器。
思考?
谢谢!
[root@dept-example ~]# realm discover -v example.edu * Resolving: _ldap._tcp.example.edu * Performing LDAP DSE lookup on: 192.0.2.177 * Performing LDAP DSE lookup on: 192.0.2.176 * Successfully discovered: example.edu example.edu type: kerberos realm-name: EXAMPLE.EDU domain-name: example.edu configured: no server-software: active-directory client-software: sssd required-package: oddjob required-package: oddjob-mkhomedir required-package: sssd required-package: adcli required-package: samba-common [root@dept-example ~]# realm join example.edu -v -U 'example.edu\adm-jsmith' * Resolving: _ldap._tcp.example.edu * Performing LDAP DSE lookup on: 192.0.2.176 * Performing LDAP DSE lookup on: 192.0.2.178 * Successfully discovered: example.edu Password for example.edu\adm-jsmith: * Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.K4T3EY -U fsu.edu\adm-jsmith ads join example.edu Enter example.edu\adm-jsmith's password: Using short domain name -- EXAMPLE Joined 'DEPT-EXAMPLE' to dns domain 'example.edu' * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.K4T3EY -U example.edu\adm-jsmith ads keytab create Enter example.edu\adm-jsmith's password:kerberos_kinit_password example.edu\[email protected] failed: Client not found in Kerberos database kerberos_kinit_password example.edu\[email protected] failed: Client not found in Kerberos database ! Extracting host keytab failed realm: Couldn't join realm: Extracting host keytab failed [root@dept-example ~]# 我在CentOS 7.2服务器上遇到了同样的错误信息,试图joinAD域。 但是,与方向相反,通过用户名为我工作:
realm join example.edu -v -U 'adm-jsmith'
我尝试了很多东西,直到我看到上面的答案只是使用用户名。 这是关键。 我一直得到kerberos失败findkdc和kerberos失败,以validation消息,直到我使用以下内容:
realm --verbose join -U 'administrator' host.domain.com