Why realm fails with "Can't find client principal in cache collection" error while joining Rhel7 to Active Direcotry

Solution Verified - Updated -

Issue

  • Active Directory join using realm fails and reporting error on non-existing principal.
 realm join example.com --verbose
* Resolving: _ldap._tcp.example.com
* Performing LDAP DSE lookup on: 10.112.8.34
* Performing LDAP DSE lookup on: 10.10.15.11
* Successfully discovered: example.com

Password for administrator:

* Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
* LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.SMA7XY -U Administrator ads join example.com createcomputer=Servers/Application
Enter Administrator's password:gss_init_sec_context failed with [Unspecified GSS failure.  Minor code may provide more information: Can't find client principal user1@example.com in cache collection]
kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed: An internal error occurred.
Failed to join domain: failed to connect to AD: An internal error occurred.

Environment

  • Red Hat Enterprise Linux Server 7
  • realmd-0.16.1-9.el7.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content