I’m trying to set up an Ubuntu 18.04 machine and joining it to an Active Directory domain. Previously (e. g. on Ubuntu 17.10) I could do
# kinit -kt /path/to/keytab my_username # realm join ad.example.com
However, with Ubuntu 18.04, it seems that the realm command doesn’t see the Kerberos ticket:
# kinit -kt /path/to/keytab my_username # realm join --verbose ad.example.com * Resolving: _ldap._tcp.ad.example.com * Performing LDAP DSE lookup on: 10.A.B.150 * Performing LDAP DSE lookup on: 10.C.D.131 * Successfully discovered: ad.example.com Password for Administrator: * Unconditionally checking packages * Resolving required packages * LANG=C /usr/sbin/adcli join --verbose --domain ad.example.com --domain-realm AD.EXAMPLE.COM --domain-controller 10.A.B.150 --login-type user --login-user Administrator --stdin-password * Using domain name: ad.example.com * Calculated computer account name from fqdn: PCTEST * Using domain realm: ad.example.com * Sending netlogon pings to domain controller: cldap://10.A.B.150 * Received NetLogon info from: ADS2.ad.example.com * Wrote out krb5.conf snippet to /var/cache/realmd/adcli-krb5-liolnd/krb5.d/adcli-krb5-conf-032njz ! Couldn't authenticate as: [email protected]: Preauthentication failed adcli: couldn't connect to ad.example.com domain: Couldn't authenticate as: [email protected]: Preauthentication failed ! Failed to join the domain
What could be happening here? Is there something obvious I’m missing (e. g. some package is not installed)?
0 Answers