Cannot join Red Hat 8 to AD

Hi,

I have a RH8 that can reach DNS Servers & Domain Controllers.
I am trying to add this server to the domain using the following command:

realm join -v --user=user@DOMAIN.COM --computer-ou="OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se" DOMAIN

Below is the output:

  • Authenticated as user: user@DOMAIN.SE

  • Using GSS-SPNEGO for SASL bind

  • Looked up short domain name: DOMAIN

  • Looked up domain SID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

  • Using fully qualified name: VM-POC-RHEL.DOMAIN.SE

  • Using domain name: DOMAIN.SE

  • Using computer account name: VM-POC-RHEL

  • Using domain realm: DOMAIN.SE

  • Calculated computer account name from fqdn: VM-POC-RHEL

  • Generated 120 character computer password

  • Using keytab: FILE:/etc/krb5.keytab

  • Computer account for VM-POC-RHEL$ does not exist

! Couldn't find a computer container in the ou, creating computer account directly in: OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

  • Calculated computer account: CN=VM-POC-RHEL,OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

  • Encryption type [16] not permitted.

  • Encryption type [23] not permitted.

  • Encryption type [3] not permitted.

  • Encryption type [1] not permitted.

  • Created computer account: CN=VM-POC-RHEL,OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

  • Sending NetLogon ping to domain controller: Domain_Controller

  • Retrieved kvno '1' for computer account in directory: CN=VM-POC-RHEL,OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

  • Found old kvno '1'

  • Set computer password

  • Retrieved kvno '2' for computer account in directory: CN=VM-POC-RHEL,OU=OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

  • Sending NetLogon ping to domain controller: Domain-Controller

  • Checking RestrictedKrbHost/VM-POC-RHEL.c.x.x

  • Added RestrictedKrbHost/VM-POC-RHEL.c.x.x

  • Checking RestrictedKrbHost/VM-POC-RHEL

  • Added RestrictedKrbHost/VM-POC-RHEL

  • Checking host/VM-POC-RHEL.c.x.x

  • Added host/VM-POC-RHEL.c.x.x

  • Checking host/VM-POC-RHEL.c.x.x

  • Added host/VM-POC-RHEL.c.x.x

  • Cleared old entries from keytab: FILE:/etc/krb5.keytab

  • Discovered which keytab salt to use

  • Added the entries to the keytab:VM-POC-RHEL$@DOMAIN.SE: FILE:/etc/krb5.keytab

  • Cleared old entries from keytab: FILE:/etc/krb5.keytab

  • Added the entries to the keytab: host/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

  • Cleared old entries from keytab: FILE:/etc/krb5.keytab

  • Added the entries to the keytab: host/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

  • Cleared old entries from keytab: FILE:/etc/krb5.keytab

  • Added the entries to the keytab: RestrictedKrbHost/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

  • Cleared old entries from keytab: FILE:/etc/krb5.keytab

  • Added the entries to the keytab: RestrictedKrbHost/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

And then it stops. The object is created in AD, but realm list doesn't return anything.

Any help, please?