[Authentication] Command `realm join` fails to register DNS, it is trying to cut DNS hostname when it is bigger than 15 chars.
Martinx - ジェームズ
thiagocmartinsc at gmail.com
Mon Sep 15 22:49:48 PDT 2014
Hey guys,
I'll try to simplify my situation with Realm + SSSD, as follows:
* While running "realm join"
1) How can I specify the "NetBIOS Name" ? (equivalent of adcli's
"--computer-name");
2) How can I tell it (realm join) to *not cut* the DNS hostname @ char 15?
Thanks!
Thiago
On 13 September 2014 02:06, Martinx - ジェームズ <thiagocmartinsc at gmail.com>
wrote:
> Guys,
>
> I'm trying to join a Linux instance into my AD Domain, its FQDN is `
> puppetmaster-1-i-000000b9.tenant-a.company.com`:
>
> ---
> root at puppetmaster-1:~# hostname puppetmaster-1-i-000000b9
>
> root at puppetmaster-1:~# hostname -f
> puppetmaster-1-i-000000b9.tenant-a.company.com
>
> root at puppetmaster-1:~# realm -v join sambadom.company.com -U Administrator
> * Resolving: _ldap._tcp.sambadom.company.com
> * Performing LDAP DSE lookup on: 192.168.1.10
> * Performing LDAP DSE lookup on: 192.168.1.20
> * Successfully discovered: sambadom.company.com
> Password for Administrator:
> * Unconditionally checking packages
> * Resolving required packages
> * * Joining using a truncated netbios name: PUPPETMASTER-1-*
> * LANG=C LOGNAME=root /usr/bin/net -s
> /var/cache/realmd/realmd-smb-conf.HMC1LX -U Administrator ads join
> sambadom.company.com
> Enter Administrator's password:DNS update failed:
> NT_STATUS_INVALID_PARAMETER
>
> Using short domain name -- SAMBADOM
> Joined 'PUPPETMASTER-1-' to dns domain 'sambadom.company.com'
> *No DNS domain configured for puppetmaster-1-. Unable to perform DNS
> Update.*
> * LANG=C LOGNAME=root /usr/bin/net -s
> /var/cache/realmd/realmd-smb-conf.HMC1LX -U Administrator ads keytab create
> Enter Administrator's password:
> * /usr/sbin/update-rc.d sssd enable
> update-rc.d: /etc/init.d/sssd: file does not exist
> * /usr/sbin/service sssd restart
> stop: Unknown instance:
> sssd start/running, process 6243
> * Successfully enrolled machine in realm
> ---
>
> It joined but the DNS did not got registered...
>
> If I remove the "$instance-id", from the `hostname`, then, the command
> `realm -v join ...` works! But, it will break my environment "as-is", I'm
> expecting: "hostname+instance-id"... :-/
>
> I'm evaluating the couple "realmd + sssd" to replace Samba + Winbind but,
> this unique problem is an impediment to start using this solution in
> production today...
>
> Any tips?!
>
> From what I'm seeing, the `realm join` is missing an option like
> `--computer-name=puppetmaster-1` like the one from `adcli` (and it should
> not use that truncated "PUPPETMASTER-1-" above), and do not "cut / touch"
> the DNS hostname.
>
> When with Winbind+Samba, I can join / register the hostname
> `puppetmaster-1-i-000000b9` @ `tenant-a.company.com` without any problem
> (using `net ad join -U Administrator`) but, Winbind brings lots of others
> problems, so, I'm trying to move to `sssd` instead...
>
> I really appreciate any help! I'm using Ubuntu 14.04.1 with my own small
> PPA archive: http://launchpad.net/~martinx/+archive/ubuntu/ig
>
> Thanks!
> Thiago
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/authentication/attachments/20140916/84adb485/attachment.html>
More information about the Authentication
mailing list