[Samba] Can't join Linux host to AD - "Improper format of Kerberos configuration file"

Andreas Habel andreas.habel at uis.no
Tue Jun 11 12:41:46 UTC 2019


when trying to add a Linux host (CentOS7) that is supposed to act as a file server to AD I get:

# net ads join -U administrator
Enter administrator's password:
kerberos_kinit_password administrator at IERLAB.UX.UIS.NO failed: Improper format of Kerberos configuration file
Failed to join domain: failed to connect to AD: Improper format of Kerberos configuration file

Here's my krb5.conf (it looks the same on the DC and client):
        default_realm = IERLAB.UX.UIS.NO
        dns_lookup_realm = false
        dns_lookup_kdc = true

Here's the output of a couple of Kerberos-related commands (executed on the DC):

# host -t SRV _kerberos._udp.ierlab.ux.uis.no
_kerberos._udp.ierlab.ux.uis.no has SRV record 0 100 88 geo22.ierlab.ux.uis.no.

# kinit administrator
Password for administrator at IERLAB.UX.UIS.NO:
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator at IERLAB.UX.UIS.NO

Valid starting       Expires              Service principal
06/11/2019 14:00:34  06/12/2019 00:00:34  krbtgt/IERLAB.UX.UIS.NO at IERLAB.UX.UIS.NO
        renew until 06/12/2019 14:00:30

>From other threads on this list I learned that there could be a kdc.conf file; however, I can't find such a file on my DC.

So any help with the Kerberos configuration would be appreciated.


Andreas Habel
Petroleum engineering lab
Geosciences | Unix network
Faculty of Science and Technology
University of Stavanger

Phone: +47-51 83 22 93

More information about the samba mailing list