Ping a Specific Port

Question

shearn89

Asked: 2016-08-30 04:54:05 +0800 CST2016-08-30 04:54:05 +0800 CST 2016-08-30 04:54:05 +0800 CST

Problems with 'adcli join' command: "invalid parameter supplied" and "unable to find a callback"

772

I am seeing problems when using adcli to join a RHEL7 machine to a Windows domain:

couldn't connect to local.net domain: couldn't authenticate to active directory: SASL( -7): invalid parameter supplied: unable to find a callback: 32775

SSSD configuration is good (same as working box), Kerberos config is good (could kinit). I have even tried removing a working box from AD and re-adding it: that worked fine too.

1 Answers

Voted

shearn89 · Answer 1 · 2016-08-30T04:54:05+08:00

shearn89

2016-08-30T04:54:05+08:002016-08-30T04:54:05+08:00

It turned out in this case to be a problem with the OpenLDAP configuration. In /etc/openldap/ldap.conf I had a line:

sasl_secprops minssf=0,maxssf=0

This line doesn't break machines that are already joined to the domain, but it does break the joining process!

I simply removed the line, but I expect (from my googling of the properties) that setting them to something other than 0 would work as well.

2

Problems with 'adcli join' command: "invalid parameter supplied" and "unable to find a callback"

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?