Step 1: Determine if it is truly connected to the domain.
net ads leave domain.local -U jsmith.adm No realm set, are we joined ?
Step 2: Retry joining domain
net ads join domain.local -U jsmith.adm
I've seen the following error:
libnet_join_ok: failed to get schannel session key from server dc.domain.local for domain DOMAIN. Error was NT_STATUS_NO_TRUST_SAM_ACCOUNT Failed to join domain: failed to verify domain membership after joining: No trusted SAM account
Possible Fixes:
Double check the krb5.conf file for typos.
service smb restart; service winbind restart; service sssd restart;
I found another problem was that end users that had sudo access actually changed the ownership of the /tmp directory and while joining the domain, the process was able to create the temp files it needed. Here's how I figured it out.
Edit /etc/sssd/sssd.conf in the [domain] and [pam] sections set the value of: debug_level = 8. Restart sssd and log in again. Now check /var/log/sssd/krb5_child.log.
Here was my findings:
[root@box log]# tail sssd/krb5_child.log (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [unpack_buffer] (0x2000): No old ccache (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [unpack_buffer] (0x0100): ccname: [FILE:/tmp/krb5cc_569601190_XXXXXX] old_ccname: [not set] keytab: [/etc/krb5.keytab] (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [check_use_fast] (0x0100): Not using FAST. (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [check_parent_stat] (0x0020): Private directory can only be created below a directory belonging to root or to [569601190].
(Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [create_ccache_dir] (0x0010): Check the ownership and permissions of krb5_ccachedir: [/tmp].
(Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [k5c_precreate_ccache] (0x0040): ccache creation failed. (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [k5c_ccache_setup] (0x0040): Cannot precreate ccache (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [privileged_krb5_setup] (0x0020): k5c_ccache_setup failed. (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [main] (0x0020): privileged_krb5_setup failed. (Thu Sep 22 13:34:17 2016) [[sssd[krb5_child[4528]]]] [main] (0x0020): krb5_child failed!
Another command that help troubleshoot this was:
KRB5_TRACE=/dev/stdout kinit admin
Source: Link Link Link Link Link
لماذا تحتاج إلى شركة متخصصة لتخزين العفش في الرياض؟
ReplyDeleteتتمثل أهمية اللجوء إلى شركة تخزين اثاث بالرياض في توفير بيئة تخزين مثالية تحافظ على جودة الأثاث وتمنع تعرضه للتلف. فهذه الشركات تمتلك مستودعات مجهزة بأفضل معايير الحماية، بما في ذلك أنظمة التحكم في درجة الحرارة والرطوبة، ووسائل الحماية ضد الحشرات والقوارض، بالإضافة إلى أنظمة التهوية التي تمنع تراكم العفن والفطريات على الأسطح الخشبية والقماشية.