'realm join' is failing with error "Failed to join domain: Failed to set machine spn: Constraint violation"

Solution Verified - Updated -

Issue

  • 'realm join' is failing with the following error even if user is member of "Domain Admins" group:
# realm join -v example.com --computer-ou OU=Servers,OU=DEV -U ad_user
 * Resolving: _ldap._tcp.example.com
 * Performing LDAP DSE lookup on: 192.168.0.1
 * Successfully discovered: EXAMPLE.COM
Password for ad_user:
 * Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.GVUCFZ -U ad_user ads join EXAMPLE.COM createcomputer=DEV/Servers
Enter  ad_user's password:
Failed to join domain: Failed to set machine spn: Constraint violation   <-----
Do you have sufficient permissions to create machine accounts?           <-----
 ! Joining the domain EXAMPLE.COM failed
realm: Couldn't join realm: Joining the domain EXAMPLE.COM failed

Environment

  • Red Hat Enterprise Linux (RHEL) 7
  • Red Hat Enterprise Linux (RHEL) 8
  • realmd

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content