Red Hat Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

  • Comments
    • Tags

    Cannot join redhat 8 to AD

    Posted on

    Hi,

    I have a RH8 that can reach DNS Servers & Domain Controllers
    I am trying to add this server to the domain using the following command:

    realm join -v --user=user@DOMAIN.COM --computer ou="OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se" DOMAIN

    Below is the output:

    • Authenticated as user: user@DOMAIN.SE

    • Using GSS-SPNEGO for SASL bind

    • Looked up short domain name: DOMAIN

    • Looked up domain SID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    • Using fully qualified name: VM-POC-RHEL.DOMAIN.SE

    • Using domain name: DOMAIN.SE

    • Using computer account name: VM-POC-RHEL

    • Using domain realm: DOMAIN.SE

    • Calculated computer account name from fqdn: VM-POC-RHEL

    • Generated 120 character computer password

    • Using keytab: FILE:/etc/krb5.keytab

    • Computer account for VM-POC-RHEL$ does not exist

    ! Couldn't find a computer container in the ou, creating computer account directly in: OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

    • Calculated computer account: CN=VM-POC-RHEL,OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

    • Encryption type [16] not permitted.

    • Encryption type [23] not permitted.

    • Encryption type [3] not permitted.

    • Encryption type [1] not permitted.

    • Created computer account: CN=VM-POC-RHEL,OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

    • Sending NetLogon ping to domain controller: Domain_Controller

    • Retrieved kvno '1' for computer account in directory: CN=VM-POC-RHEL,OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

    • Found old kvno '1'

    • Set computer password

    • Retrieved kvno '2' for computer account in directory: CN=VM-POC-RHEL,OU=OU=Linux,OU=POC,OU=Tenant,OU=Data,DC=domain,DC=se

    • Sending NetLogon ping to domain controller: Domain-Controller

    • Checking RestrictedKrbHost/VM-POC-RHEL.c.x.x

    • Added RestrictedKrbHost/VM-POC-RHEL.c.x.x

    • Checking RestrictedKrbHost/VM-POC-RHEL

    • Added RestrictedKrbHost/VM-POC-RHEL

    • Checking host/VM-POC-RHEL.c.x.x

    • Added host/VM-POC-RHEL.c.x.x

    • Checking host/VM-POC-RHEL.c.x.x

    • Added host/VM-POC-RHEL.c.x.x

    • Cleared old entries from keytab: FILE:/etc/krb5.keytab

    • Discovered which keytab salt to use

    • Added the entries to the keytab:VM-POC-RHEL$@DOMAIN.SE: FILE:/etc/krb5.keytab

    • Cleared old entries from keytab: FILE:/etc/krb5.keytab

    • Added the entries to the keytab: host/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

    • Cleared old entries from keytab: FILE:/etc/krb5.keytab

    • Added the entries to the keytab: host/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

    • Cleared old entries from keytab: FILE:/etc/krb5.keytab

    • Added the entries to the keytab: RestrictedKrbHost/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

    • Cleared old entries from keytab: FILE:/etc/krb5.keytab

    • Added the entries to the keytab: RestrictedKrbHost/VM-POC-RHEL@DOMAIN.SE: FILE:/etc/krb5.keytab

    And then stop. The object is created in AD, but realm list doesn't return anything.

    Any help, please?

    by

    points

    Responses

    Red Hat LinkedIn YouTube Facebook X, formerly Twitter

    Quick Links

    Help

    Site Info

    Related Sites

    © 2025 Red Hat