While trying to manually join a Linux instance of Ubuntu 16.04 to AWS Managed Active Directory using the tutorial https://docs.aws.amazon.com/directoryservice/latest/admin-guide/join_linux_instance.html, the authentication to the realm succeeded, but after that I am getting this error while trying to join the Ubuntu 16.04 instance to AD:
Couldn't authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: An invalid name was supplied (Success)
adcli: couldn't connect to ad.nettracer.aero domain: Couldn't authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: An invalid name was supplied (Success)
! Insufficient permissions to join the domain
realm: Couldn't join realm: Insufficient permissions to join the domain
However, the same works on CentOS.
Is there anything wrong on my end?
For all intents and purposes, all Active Directory accounts are now accessible to the Linux system, in the same way natively-created local accounts are accessible to the system.
I had the same issue joining my Ubuntu 16.04 machine, and all I had to do to resolve the problem was set the rdns flag to false in krb5.conf, as shown below:
/etc/krb5.conf
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
# default_realm = EXAMPLE.COM
default_ccache_name = KEYRING:persistent:%{uid}
Once you have added the line, you can join the machine to the domain by using the command:
sudo realm join -U [email protected] example.com --verbose
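A pre-join check for the setting the answer above describes, as an added example that is not part of the original post: it reads a krb5.conf and confirms that rdns is explicitly false in [libdefaults]. The function names are hypothetical, the sample file is constructed, and include/includedir directives are not followed.

```shell
#!/bin/sh
# Added example (not from the original answer): verify rdns is disabled
# in the [libdefaults] section of a krb5.conf before running "realm join".
# Limitation: include/includedir directives are not followed.

# Print every value assigned to KEY inside [libdefaults], one per line.
# $1 = path to krb5.conf, $2 = key name (hypothetical helper)
krb5_libdefaults_values() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }    # skip comment lines
        /^[ \t]*\[/   { in_sec = ($0 ~ /^[ \t]*\[libdefaults\]/); next }
        in_sec {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) print tolower(v)
        }
    ' "$1"
}

# Return 0 only if rdns is set and every occurrence is a false value.
# Requiring all occurrences to agree avoids relying on duplicate precedence.
rdns_disabled() {
    vals=$(krb5_libdefaults_values "$1" rdns)
    [ -n "$vals" ] || { echo "rdns not set in [libdefaults]"; return 1; }
    for v in $vals; do
        case "$v" in
            false|no|n|0|off|nil) ;;    # spellings treated as false here
            *) echo "rdns = $v"; return 1 ;;
        esac
    done
    echo "rdns disabled"
}

# Constructed sample mirroring the answer's file; check it, then clean up.
sample=$(mktemp)
printf '[libdefaults]\n dns_lookup_realm = false\n rdns = false\n' > "$sample"
rdns_disabled "$sample"
rm -f "$sample"
```

On a real host, call `rdns_disabled /etc/krb5.conf` and only proceed to `realm join` when it returns 0.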