我在我的部门使用拆分DNS:权威的校园范围的DNS服务器运行BIND并且不支持动态更新,所以我在我的部门运行一对windows DNS服务器.
思考?
谢谢!
[root@dept-example ~]# realm discover -v example.edu * Resolving: _ldap._tcp.example.edu * Performing LDAP DSE lookup on: 192.0.2.177 * Performing LDAP DSE lookup on: 192.0.2.176 * Successfully discovered: example.eduexample.edu type: kerberos realm-name: EXAMPLE.EDU domain-name: example.edu configured: no server-software: active-directory clIEnt-software: sssd required-package: oddjob required-package: oddjob-mkhomedir required-package: sssd required-package: adcli required-package: samba-common[root@dept-example ~]# realm join example.edu -v -U 'example.edu\adm-Jsmith' * Resolving: _ldap._tcp.example.edu * Performing LDAP DSE lookup on: 192.0.2.176 * Performing LDAP DSE lookup on: 192.0.2.178 * Successfully discovered: example.eduPassword for example.edu\adm-Jsmith: * required files: /usr/sbin/oddjobd,/usr/libexec/oddjob/mkhomedir,/usr/sbin/sssd,/usr/bin/net * LANG=C LOGname=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.K4T3EY -U fsu.edu\adm-Jsmith ads join example.eduEnter example.edu\adm-Jsmith's password:Using short domain name -- EXAMPLEJoined 'DEPT-EXAMPLE' to dns domain 'example.edu' * LANG=C LOGname=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.K4T3EY -U example.edu\adm-Jsmith ads keytab createEnter example.edu\adm-Jsmith's password:kerberos_kinit_password example.edu\adm-Jsmith@EXAMPLE.EDU Failed: ClIEnt not found in Kerberos databasekerberos_kinit_password example.edu\adm-Jsmith@EXAMPLE.EDU Failed: ClIEnt not found in Kerberos database ! Extracting host keytab Failedrealm: Couldn't join realm: Extracting host keytab Failed[root@dept-example ~]#解决方法 我尝试了很多东西,直到我看到上面的答案只是使用用户名.这是关键.在我使用以下内容之前,我不断发现kerberos无法找到kdc和kerberos无法验证消息:
realm --verbose join -U 'administrator' host.domain.com总结
以上是内存溢出为你收集整理的linux – RHEL 7.2:使用realm加入AD域全部内容,希望文章能够帮你解决linux – RHEL 7.2:使用realm加入AD域所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)