[Samba] Can't join Linux host to AD - "Improper format of Kerberos configuration file"
Rowland penny
rpenny at samba.org
Tue Jun 11 12:58:41 UTC 2019
On 11/06/2019 13:41, Andreas Habel via samba wrote:
> Hi,
>
> when trying to add a Linux host (CentOS7) that is supposed to act as a file server to AD I get:
>
> # net ads join -U administrator
> Enter administrator's password:
> kerberos_kinit_password administrator at IERLAB.UX.UIS.NO failed: Improper format of Kerberos configuration file
> Failed to join domain: failed to connect to AD: Improper format of Kerberos configuration file
>
> Here's my krb5.conf (it looks the same on the DC and client):
> [libdefaults]
> default_realm = IERLAB.UX.UIS.NO
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
That looks okay, it take it that is /etc/krb5.conf ?
> Here's the output of a couple of Kerberos-related commands (executed on the DC):
>
> # host -t SRV _kerberos._udp.ierlab.ux.uis.no
> _kerberos._udp.ierlab.ux.uis.no has SRV record 0 100 88 geo22.ierlab.ux.uis.no.
>
> # kinit administrator
> Password for administrator at IERLAB.UX.UIS.NO:
> # klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: administrator at IERLAB.UX.UIS.NO
>
> Valid starting Expires Service principal
> 06/11/2019 14:00:34 06/12/2019 00:00:34 krbtgt/IERLAB.UX.UIS.NO at IERLAB.UX.UIS.NO
> renew until 06/12/2019 14:00:30
>
>
> From other threads on this list I learned that there could be a kdc.conf file; however, I can't find such a file on my DC.
No, you shouldn't have that file.
>
> So any help with the Kerberos configuration would be appreciated.
>
> Andreas
>
>
Lets start with you posting the smb.conf file from the machine that will
not join.
Rowland
More information about the samba
mailing list