Cannot enroll RHEL systems to Active Directory domains running Windows Server 2025

Solution Verified - Updated -

Issue

  • RHEL systems cannot join Active Directory anymore with adcli:
# realm join example.com -–membership-software=adcli
! Couldn't set password for computer account: MACHINE$: Message stream modified
  • User account passwords in Active Directory cannot be changed from RHEL systems. kpasswd tool displays the error:
 Message stream modified

Environment

  • Red Hat Enterprise Linux
    • adcli
    • sssd
  • Microsoft Active Directory Server 2025
    • Created with or Updated to Windows AD Server 2025

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content