[Authentication] realmd domain join with kinit not working on Ubuntu 18.04
Simon May
simon.may at uni-muenster.de
Fri Jul 27 16:02:38 UTC 2018
I checked:
# kinit -kt /path/to/keytab my_username
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: my_username at EXAMPLE.COM
Valid starting Expires Service principal
25.07.2018 17:01:13 26.07.2018 03:01:13 krbtgt/EXAMPLE.COM at EXAMPLE.COM
So the ticket is definitely there, but realmd doesn’t use/see it.
On 21.07.2018 03:00, Simon May wrote:
> Well, I’m not the one specifying these options. The only commands I ran were
> # kinit -kt /path/to/keytab my_username
> # realm join ad.example.com
> The call to “adcli” and all the options used for it were generated by
> the “realm” command. My question is why it is using these options in
> particular instead of the Kerberos ticket.
>
> I will check if the ticket is actually there using “klist”, perhaps it
> disappears for some reason.
>
>
> On 20.07.2018 20:48, Niklas Andersson wrote:
>> AFAIK you don't need any of these options "--login-type user
>> --login-user Administrator --stdin-password" if you have a valid
>> Kerberos ticket (check with klist)
>>
>> The purpose with Kerberos is that you don't need to specify user or
>> password.
>>
>> Regards,
>> Niklas
>>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/authentication/attachments/20180727/16eb5b32/attachment.sig>
More information about the Authentication
mailing list