Jos*_*ell 6 ubuntu active-directory
我正在尝试加入 Ubuntu Server 16.04.3(全新安装)加入 AD 按照指南https://www.starwindsoftware.com/blog/ubuntu-join-a-server-to-an-active-directory-domain
/etc/krb5.conf 内容如下:
[libdefaults]
ticket_lifetime = 24000
default_realm = mydomain.local
default_tgs_entypes = rc4-hmac des-cbc-md5
default_tkt__enctypes = rc4-hmac des-cbc-md5
permitted_enctypes = rc4-hmac des-cbc-md5
dns_lookup_realm = true
dns_lookup_kdc = true
dns_fallback = yes
[realms]
mydomain.local = {
kdc = pdc.mydomain.local
kdc = sdc.mydomain.local
default_domain = pdc.mydomain.local
}
[domain_realm]
.mydomain.local = pdc.mydomain.local
mydomain.local = pdc.mydomain.local
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
运行sudo kinit domainuser我收到错误:kinit:初始化 Kerberos 5 库时 Kerberos 配置文件格式不正确。谷歌搜索我发现 CentOS7 Kerberos Auth: Improper format of Kerberos configuration file; . 我已经检查了没有错误的 /etc/krb5.conf 语法。
也许有一个更简单的故障排除配置?(另外,请注意大小写,这一点非常重要,尽管它看起来可能很随意。)
[libdefaults]
default_realm = MYDOMAIN.LOCAL
ticket_lifetime = 24h
renew_lifetime = 7d
dns_lookup_realm = false
[realms]
MYDOMAIN.LOCAL = {
kdc = pdc.mydomain.local
kdc = sdc.mydomain.local
}
[domain_realm]
mydomain.local = MYDOMAIN.LOCAL
.mydomain.local = MYDOMAIN.LOCAL
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
如果这有效,您可以开始添加其他设置,直到出现问题。