Wrong principles in krb5.keytab when joining to Windows Active Directory
Issue
- When joining to Windows Active Directory using
realm join
it appears that the/etc/krb5.keytab
gets the wrong principles. - The computer object in Active Directory gets the wrong servicePrincipalName and/or dNSHostName values.
- Executing
klist -k
reveals that the host's FQDN is not used for the SPN values.
Environment
- Red Hat Enterprise Linux (RHEL) 7.8
- realmd-0.16.1-12
- samba
- 4.10.4-8
- 4.10.4-10
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.