Ubuntu
sssd package

  1. Bug #1868703
  2. Comment #91

Comment 91 for bug 1868703

Revision history for this message
Tobias Karnat (tobiaskarnat-remondis) wrote :

verification-done-bionic
adcli 0.8.2-1ubuntu1.2
libsasl2-2 2.1.27~101-g0780600+dfsg-3ubuntu2.1

I did all from the testcase with and without --use-ldaps

# adcli join --verbose -U admin-karnat -O ou=Dummy,ou=IT,dc=REMONDIS-DE,dc=LOCAL --os-name=Ubuntu --os-version=18 .04 -S DE0000D05.REMONDIS-DE.LOCAL * Sending netlogon pings to domain controller: cldap://10.2.1.212 * Received NetLogon info from: DE0000D05.remondis-de.local * Discovered domain name: remondis-de.local * Calculated computer account name from fqdn: DE9899SGT * Calculated domain realm from name: REMONDIS-DE.LOCAL
 * Wrote out krb5.conf snippet to /tmp/adcli-krb5-8U1C1r/krb5.d/adcli-krb5-conf-gmZVSx Password for <email address hidden>: * Authenticated as user: <email address hidden> * Using GSS-SPNEGO for SASL bind * Looked up short domain name: REMONDIS-DE * Using fully qualified name: DE9899SGT * Using domain name: remondis-de.local * Using computer account name: DE9899SGT * Using domain realm: remondis-de.local * Calculated computer account name from fqdn: DE9899SGT * Generated 120 character computer password * Using keytab: FILE:/etc/krb5.keytab * Computer account for DE9899SGT$ does not exist ! Couldn't find a computer container in the ou, creating computer account directly in: ou=Dummy,ou=IT,dc=REMONDIS-DE,dc=LOCAL * Calculated computer account: CN=DE9899SGT,ou=Dummy,ou=IT,dc=REMONDIS-DE,dc=LOCAL * Created computer account: CN=DE9899SGT,ou=Dummy,ou=IT,dc=REMONDIS-DE,dc=LOCAL * Set computer password * Retrieved kvno '2' for computer account in directory: CN=DE9899SGT,ou=Dummy,ou=IT,dc=REMONDIS-DE,dc=LOCAL * Modifying computer account: dNSHostName * Modifying computer account: userAccountControl * Modifying computer account: operatingSystem, operatingSystemVersion, operatingSystemServicePack * Modifying computer account: userPrincipalName ! Couldn't set service principals on computer account CN=DE9899SGT,ou=Dummy,ou=IT,dc=REMONDIS-DE,dc=LOCAL: 00002083: AtrErr: DSID-03151785, #1:
        0: 00002083: DSID-03151785, problem 1006 (ATT_OR_VALUE_EXISTS), data 0, Att 90303 (servicePrincipalName)
 ! Couldn't authenticate with keytab while discovering which salt to use: DE9899SGT$@REMONDIS-DE.LOCAL: Client 'DE9899SGT$@REMONDIS-DE.LOCAL' not found in Kerberos database
 * Added the entries to the keytab: DE9899SGT$@REMONDIS-DE.LOCAL: FILE:/etc/krb5.keytab * Added the entries to the keytab: <email address hidden>: FILE:/etc/krb5.keytab * Cleared old entries from keytab: FILE:/etc/krb5.keytab
 * Added the entries to the keytab: <email address hidden>: FILE:/etc/krb5.keytab * Added the entries to the keytab: <email address hidden>: FILE:/etc/krb5.keytab * Cleared old entries from keytab: FILE:/etc/krb5.keytab
 * Added the entries to the keytab: <email address hidden>: FILE:/etc/krb5.keytab