Bug 1859503
| Summary: | Realm join fails with error 'Failed to join domain: failed to lookup DC info for domain 'testdomain12.com' over rpc: {Not Enough Quota} Not enough virtual memory or paging file quota is available to complete the specified operation' | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Bhavana <bthakur> |
| Component: | realmd | Assignee: | Sumit Bose <sbose> |
| Status: | CLOSED ERRATA | QA Contact: | sssd-qe <sssd-qe> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.3 | CC: | adzilsky, asn, gdeschner, iboukris, jarrpa, sbose, sgadekar |
| Target Milestone: | rc | Flags: | pm-rhel:
mirror+
|
| Target Release: | 8.0 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | sync-to-jira | ||
| Fixed In Version: | realmd-0.16.3-19.el8 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-11-04 02:17:20 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Comment 1
Andreas Schneider
2020-07-22 11:58:32 UTC
Is this a machine with FIPS enabled? If yes, NTLM doesn't work in FIPS mode as it is based on RC4 ... Isaac, yes you're right. 'realm join' doesn't use -k Hi,
it looks like just adding '-k' does not help:
/usr/bin/net -s /tmp/realmd-smb-conf.5XMOP0 -U Administrator -k ads join dom-067.abc.idm.lab.eng.brq.redhat.com -d 10
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Processing section "[global]"
doing parameter workgroup = DOM-067
doing parameter netbios name = CI-VM-10-0-136-
doing parameter realm = DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM
doing parameter kerberos method = secrets and keytab
doing parameter security = ads
pm_process() returned Yes
lp_servicenumber: couldn't find homes
messaging_dgm_ref: messaging_dgm_init returned Success
messaging_dgm_ref: unique = 11754242670764728861
Registering messaging pointer for type 2 - private_data=(nil)
Registered MSG_REQ_POOL_USAGE
Registering messaging pointer for type 11 - private_data=(nil)
Registering messaging pointer for type 12 - private_data=(nil)
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Registering messaging pointer for type 1 - private_data=(nil)
Registering messaging pointer for type 5 - private_data=(nil)
Registering messaging pointer for type 51 - private_data=(nil)
messaging_init_internal: my id: 11573
lp_load_ex: refreshing parameters
Freeing parametrics:
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Processing section "[global]"
doing parameter workgroup = DOM-067
doing parameter netbios name = CI-VM-10-0-136-
doing parameter realm = DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM
doing parameter kerberos method = secrets and keytab
doing parameter security = ads
pm_process() returned Yes
lp_servicenumber: couldn't find homes
Netbios name list:-
my_netbios_names[0]="CI-VM-10-0-136-"
added interface eth0 ip=2620:52:0:88:f816:3eff:fe3e:beaa bcast= netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=10.0.136.207 bcast=10.0.139.255 netmask=255.255.252.0
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : NULL
machine_name : 'CI-VM-10-0-136-'
domain_name : *
domain_name : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
domain_name_type : JoinDomNameTypeDNS (1)
account_ou : NULL
admin_account : 'Administrator'
admin_domain : NULL
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
os_servicepack : NULL
create_upn : 0x00 (0)
upn : NULL
dnshostname : NULL
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x01 (1)
secure_channel_type : SEC_CHAN_WKSTA (2)
desired_encryption_types : 0x0000001f (31)
Opening cache file at /var/lib/samba/lock/gencache.tdb
sitename_fetch: Returning sitename for realm 'dom-067.abc.idm.lab.eng.brq.redhat.com': "Default-First-Site-Name"
dsgetdcname_internal: domain_name: dom-067.abc.idm.lab.eng.brq.redhat.com, domain_guid: (null), site_name: Default-First-Site-Name, flags: 0x40021011
debug_dsdcinfo_flags: 0x40021011
DS_FORCE_REDISCOVERY DS_DIRECTORY_SERVICE_REQUIRED DS_WRITABLE_REQUIRED DS_IS_DNS_NAME DS_RETURN_DNS_NAME
dsgetdcname_rediscover
dns_lookup_send_next: Sending DNS request #0 to 10.37.170.126
dns_cli_request_send: Asking 10.37.170.126 for _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.dom-067.abc.idm.lab.eng.brq.redhat.com/1/33 via UDP
[0000] DD 75 01 00 00 01 00 00 00 00 00 00 05 5F 6C 64 .u...... ....._ld
[0010] 61 70 04 5F 74 63 70 17 44 65 66 61 75 6C 74 2D ap._tcp. Default-
[0020] 46 69 72 73 74 2D 53 69 74 65 2D 4E 61 6D 65 06 First-Si te-Name.
[0030] 5F 73 69 74 65 73 02 64 63 06 5F 6D 73 64 63 73 _sites.d c._msdcs
[0040] 07 64 6F 6D 2D 30 36 37 03 61 62 63 03 69 64 6D .dom-067 .abc.idm
[0050] 03 6C 61 62 03 65 6E 67 03 62 72 71 06 72 65 64 .lab.eng .brq.red
[0060] 68 61 74 03 63 6F 6D 00 00 21 00 01 hat.com. .!..
[0000] DD 75 85 80 00 01 00 01 00 00 00 02 05 5F 6C 64 .u...... ....._ld
[0010] 61 70 04 5F 74 63 70 17 44 65 66 61 75 6C 74 2D ap._tcp. Default-
[0020] 46 69 72 73 74 2D 53 69 74 65 2D 4E 61 6D 65 06 First-Si te-Name.
[0030] 5F 73 69 74 65 73 02 64 63 06 5F 6D 73 64 63 73 _sites.d c._msdcs
[0040] 07 64 6F 6D 2D 30 36 37 03 61 62 63 03 69 64 6D .dom-067 .abc.idm
[0050] 03 6C 61 62 03 65 6E 67 03 62 72 71 06 72 65 64 .lab.eng .brq.red
[0060] 68 61 74 03 63 6F 6D 00 00 21 00 01 C0 0C 00 21 hat.com. .!.....!
[0070] 00 01 00 00 02 58 00 35 00 00 00 64 01 85 06 76 .....X.5 ...d...v
[0080] 6D 2D 30 36 37 07 64 6F 6D 2D 30 36 37 03 61 62 m-067.do m-067.ab
[0090] 63 03 69 64 6D 03 6C 61 62 03 65 6E 67 03 62 72 c.idm.la b.eng.br
[00A0] 71 06 72 65 64 68 61 74 03 63 6F 6D 00 C0 7E 00 q.redhat .com..~.
[00B0] 01 00 01 00 00 0E 10 00 04 0A 25 AA 7E C0 7E 00 ........ ..%.~.~.
[00C0] 1C 00 01 00 00 0E 10 00 10 26 20 00 52 00 00 25 ........ .& .R..%
[00D0] AA 84 ED 7D 2F 14 84 60 E1 ...}/..` .
dns_cli_request_udp_done: Got op=8580 1/1/0/0 recs
LDAP ping to vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com (10.37.170.126)
&response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
command : LOGON_SAM_LOGON_RESPONSE_EX (23)
sbz : 0x0000 (0)
server_type : 0x000033fd (13309)
1: NBT_SERVER_PDC
1: NBT_SERVER_GC
1: NBT_SERVER_LDAP
1: NBT_SERVER_DS
1: NBT_SERVER_KDC
1: NBT_SERVER_TIMESERV
1: NBT_SERVER_CLOSEST
1: NBT_SERVER_WRITABLE
1: NBT_SERVER_GOOD_TIMESERV
0: NBT_SERVER_NDNC
0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
1: NBT_SERVER_FULL_SECRET_DOMAIN_6
1: NBT_SERVER_ADS_WEB_SERVICE
0: NBT_SERVER_DS_8
0: NBT_SERVER_HAS_DNS_NAME
0: NBT_SERVER_IS_DEFAULT_NC
0: NBT_SERVER_FOREST_ROOT
domain_uuid : 4b28f74a-1d16-42b9-be98-97ad877b34da
forest : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
dns_domain : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
pdc_dns_name : 'vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com'
domain_name : 'DOM-067'
pdc_name : 'VM-067'
user_name : ''
server_site : 'Default-First-Site-Name'
client_site : 'Default-First-Site-Name'
sockaddr_size : 0x00 (0)
sockaddr: struct nbt_sockaddr
sockaddr_family : 0x00000000 (0)
pdc_ip : (null)
remaining : DATA_BLOB length=0
next_closest_site : NULL
nt_version : 0x00000005 (5)
1: NETLOGON_NT_VERSION_1
0: NETLOGON_NT_VERSION_5
1: NETLOGON_NT_VERSION_5EX
0: NETLOGON_NT_VERSION_5EX_WITH_IP
0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
0: NETLOGON_NT_VERSION_PDC
0: NETLOGON_NT_VERSION_IP
0: NETLOGON_NT_VERSION_LOCAL
0: NETLOGON_NT_VERSION_GC
lmnt_token : 0xffff (65535)
lm20_token : 0xffff (65535)
gencache_set_data_blob: Adding cache entry with key=[DSGETDCNAME/DOMAIN/DOM-067] and timeout=[Tue Aug 11 05:54:29 2020 EDT] (900 seconds ahead)
sitename_store: realm = [DOM-067], sitename = [Default-First-Site-Name], expire = [2085923199]
gencache_set_data_blob: Adding cache entry with key=[AD_SITENAME/DOMAIN/DOM-067] and timeout=[Wed Dec 31 18:59:59 -2147481749 EST] (67768034594538030 seconds ahead)
gencache_set_data_blob: Adding cache entry with key=[DSGETDCNAME/DOMAIN/DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM] and timeout=[Tue Aug 11 05:54:29 2020 EDT] (900 seconds ahead)
sitename_store: realm = [dom-067.abc.idm.lab.eng.brq.redhat.com], sitename = [Default-First-Site-Name], expire = [2085923199]
gencache_set_data_blob: Adding cache entry with key=[AD_SITENAME/DOMAIN/DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM] and timeout=[Wed Dec 31 18:59:59 -2147481749 EST] (67768034594538030 seconds ahead)
create_local_private_krb5_conf_for_domain: fname = /var/lib/samba/lock/smb_krb5/krb5.conf._JOIN_, realm = dom-067.abc.idm.lab.eng.brq.redhat.com, domain = _JOIN_
saf_fetch: failed to find server for "dom-067.abc.idm.lab.eng.brq.redhat.com" domain
get_dc_list: preferred server list: ", *"
internal_resolve_name: looking up dom-067.abc.idm.lab.eng.brq.redhat.com#dcdc (sitename Default-First-Site-Name)
resolve_ads: Attempting to resolve KDCs for dom-067.abc.idm.lab.eng.brq.redhat.com using DNS
dns_lookup_send_next: Sending DNS request #0 to 10.37.170.126
dns_cli_request_send: Asking 10.37.170.126 for _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.dom-067.abc.idm.lab.eng.brq.redhat.com/1/33 via UDP
[0000] CC 73 01 00 00 01 00 00 00 00 00 00 09 5F 6B 65 .s...... ....._ke
[0010] 72 62 65 72 6F 73 04 5F 74 63 70 17 44 65 66 61 rberos._ tcp.Defa
[0020] 75 6C 74 2D 46 69 72 73 74 2D 53 69 74 65 2D 4E ult-Firs t-Site-N
[0030] 61 6D 65 06 5F 73 69 74 65 73 02 64 63 06 5F 6D ame._sit es.dc._m
[0040] 73 64 63 73 07 64 6F 6D 2D 30 36 37 03 61 62 63 sdcs.dom -067.abc
[0050] 03 69 64 6D 03 6C 61 62 03 65 6E 67 03 62 72 71 .idm.lab .eng.brq
[0060] 06 72 65 64 68 61 74 03 63 6F 6D 00 00 21 00 01 .redhat. com..!..
[0000] CC 73 85 80 00 01 00 01 00 00 00 02 09 5F 6B 65 .s...... ....._ke
[0010] 72 62 65 72 6F 73 04 5F 74 63 70 17 44 65 66 61 rberos._ tcp.Defa
[0020] 75 6C 74 2D 46 69 72 73 74 2D 53 69 74 65 2D 4E ult-Firs t-Site-N
[0030] 61 6D 65 06 5F 73 69 74 65 73 02 64 63 06 5F 6D ame._sit es.dc._m
[0040] 73 64 63 73 07 64 6F 6D 2D 30 36 37 03 61 62 63 sdcs.dom -067.abc
[0050] 03 69 64 6D 03 6C 61 62 03 65 6E 67 03 62 72 71 .idm.lab .eng.brq
[0060] 06 72 65 64 68 61 74 03 63 6F 6D 00 00 21 00 01 .redhat. com..!..
[0070] C0 0C 00 21 00 01 00 00 02 58 00 35 00 00 00 64 ...!.... .X.5...d
[0080] 00 58 06 76 6D 2D 30 36 37 07 64 6F 6D 2D 30 36 .X.vm-06 7.dom-06
[0090] 37 03 61 62 63 03 69 64 6D 03 6C 61 62 03 65 6E 7.abc.id m.lab.en
[00A0] 67 03 62 72 71 06 72 65 64 68 61 74 03 63 6F 6D g.brq.re dhat.com
[00B0] 00 C0 82 00 01 00 01 00 00 0E 10 00 04 0A 25 AA ........ ......%.
[00C0] 7E C0 82 00 1C 00 01 00 00 0E 10 00 10 26 20 00 ~....... .....& .
[00D0] 52 00 00 25 AA 84 ED 7D 2F 14 84 60 E1 R..%...} /..`.
dns_cli_request_udp_done: Got op=8580 1/1/0/0 recs
remove_duplicate_addrs2: looking for duplicate address/port pairs
internal_resolve_name: returning 2 addresses: 10.37.170.126:88 2620:52:0:25aa:84ed:7d2f:1484:60e1:88
Adding 2 DC's from auto lookup
check_negative_conn_cache returning result 0 for domain dom-067.abc.idm.lab.eng.brq.redhat.com server 10.37.170.126
check_negative_conn_cache returning result 0 for domain dom-067.abc.idm.lab.eng.brq.redhat.com server 2620:52:0:25aa:84ed:7d2f:1484:60e1
remove_duplicate_addrs2: looking for duplicate address/port pairs
get_dc_list: returning 2 ip addresses in an ordered list
get_dc_list: 10.37.170.126:88 2620:52:0:25aa:84ed:7d2f:1484:60e1:88
got 2 addresses from site Default-First-Site-Name search
saf_fetch: failed to find server for "dom-067.abc.idm.lab.eng.brq.redhat.com" domain
get_dc_list: preferred server list: ", *"
internal_resolve_name: looking up dom-067.abc.idm.lab.eng.brq.redhat.com#dcdc (sitename (null))
resolve_ads: Attempting to resolve KDCs for dom-067.abc.idm.lab.eng.brq.redhat.com using DNS
dns_lookup_send_next: Sending DNS request #0 to 10.37.170.126
dns_cli_request_send: Asking 10.37.170.126 for _kerberos._tcp.dc._msdcs.dom-067.abc.idm.lab.eng.brq.redhat.com/1/33 via UDP
[0000] CD E6 01 00 00 01 00 00 00 00 00 00 09 5F 6B 65 ........ ....._ke
[0010] 72 62 65 72 6F 73 04 5F 74 63 70 02 64 63 06 5F rberos._ tcp.dc._
[0020] 6D 73 64 63 73 07 64 6F 6D 2D 30 36 37 03 61 62 msdcs.do m-067.ab
[0030] 63 03 69 64 6D 03 6C 61 62 03 65 6E 67 03 62 72 c.idm.la b.eng.br
[0040] 71 06 72 65 64 68 61 74 03 63 6F 6D 00 00 21 00 q.redhat .com..!.
[0050] 01 .
[0000] CD E6 85 80 00 01 00 01 00 00 00 02 09 5F 6B 65 ........ ....._ke
[0010] 72 62 65 72 6F 73 04 5F 74 63 70 02 64 63 06 5F rberos._ tcp.dc._
[0020] 6D 73 64 63 73 07 64 6F 6D 2D 30 36 37 03 61 62 msdcs.do m-067.ab
[0030] 63 03 69 64 6D 03 6C 61 62 03 65 6E 67 03 62 72 c.idm.la b.eng.br
[0040] 71 06 72 65 64 68 61 74 03 63 6F 6D 00 00 21 00 q.redhat .com..!.
[0050] 01 C0 0C 00 21 00 01 00 00 02 58 00 35 00 00 00 ....!... ..X.5...
[0060] 64 00 58 06 76 6D 2D 30 36 37 07 64 6F 6D 2D 30 d.X.vm-0 67.dom-0
[0070] 36 37 03 61 62 63 03 69 64 6D 03 6C 61 62 03 65 67.abc.i dm.lab.e
[0080] 6E 67 03 62 72 71 06 72 65 64 68 61 74 03 63 6F ng.brq.r edhat.co
[0090] 6D 00 C0 63 00 01 00 01 00 00 0E 10 00 04 0A 25 m..c.... .......%
[00A0] AA 7E C0 63 00 1C 00 01 00 00 0E 10 00 10 26 20 .~.c.... ......&
[00B0] 00 52 00 00 25 AA 84 ED 7D 2F 14 84 60 E1 .R..%... }/..`.
dns_cli_request_udp_done: Got op=8580 1/1/0/0 recs
remove_duplicate_addrs2: looking for duplicate address/port pairs
internal_resolve_name: returning 2 addresses: 10.37.170.126:88 2620:52:0:25aa:84ed:7d2f:1484:60e1:88
Adding 2 DC's from auto lookup
check_negative_conn_cache returning result 0 for domain dom-067.abc.idm.lab.eng.brq.redhat.com server 10.37.170.126
check_negative_conn_cache returning result 0 for domain dom-067.abc.idm.lab.eng.brq.redhat.com server 2620:52:0:25aa:84ed:7d2f:1484:60e1
remove_duplicate_addrs2: looking for duplicate address/port pairs
get_dc_list: returning 2 ip addresses in an ordered list
get_dc_list: 10.37.170.126:88 2620:52:0:25aa:84ed:7d2f:1484:60e1:88
got 2 addresses from site-less search
get_kdc_ip_string: 1 additional KDCs to test
&response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
command : LOGON_SAM_LOGON_RESPONSE_EX (23)
sbz : 0x0000 (0)
server_type : 0x000033fd (13309)
1: NBT_SERVER_PDC
1: NBT_SERVER_GC
1: NBT_SERVER_LDAP
1: NBT_SERVER_DS
1: NBT_SERVER_KDC
1: NBT_SERVER_TIMESERV
1: NBT_SERVER_CLOSEST
1: NBT_SERVER_WRITABLE
1: NBT_SERVER_GOOD_TIMESERV
0: NBT_SERVER_NDNC
0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
1: NBT_SERVER_FULL_SECRET_DOMAIN_6
1: NBT_SERVER_ADS_WEB_SERVICE
0: NBT_SERVER_DS_8
0: NBT_SERVER_HAS_DNS_NAME
0: NBT_SERVER_IS_DEFAULT_NC
0: NBT_SERVER_FOREST_ROOT
domain_uuid : 4b28f74a-1d16-42b9-be98-97ad877b34da
forest : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
dns_domain : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
pdc_dns_name : 'vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com'
domain_name : 'DOM-067'
pdc_name : 'VM-067'
user_name : ''
server_site : 'Default-First-Site-Name'
client_site : 'Default-First-Site-Name'
sockaddr_size : 0x00 (0)
sockaddr: struct nbt_sockaddr
sockaddr_family : 0x00000000 (0)
pdc_ip : (null)
remaining : DATA_BLOB length=0
next_closest_site : NULL
nt_version : 0x00000005 (5)
1: NETLOGON_NT_VERSION_1
0: NETLOGON_NT_VERSION_5
1: NETLOGON_NT_VERSION_5EX
0: NETLOGON_NT_VERSION_5EX_WITH_IP
0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
0: NETLOGON_NT_VERSION_PDC
0: NETLOGON_NT_VERSION_IP
0: NETLOGON_NT_VERSION_LOCAL
0: NETLOGON_NT_VERSION_GC
lmnt_token : 0xffff (65535)
lm20_token : 0xffff (65535)
get_kdc_ip_string: Returning kdc = 10.37.170.126
kdc = [2620:52:0:25aa:84ed:7d2f:1484:60e1]:88
create_local_private_krb5_conf_for_domain: wrote file /var/lib/samba/lock/smb_krb5/krb5.conf._JOIN_ with realm DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM KDC list = kdc = 10.37.170.126
kdc = [2620:52:0:25aa:84ed:7d2f:1484:60e1]:88
sitename_fetch: Returning sitename for realm 'DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM': "Default-First-Site-Name"
internal_resolve_name: looking up vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com#20 (sitename Default-First-Site-Name)
name vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Connecting to 2620:52:0:25aa:84ed:7d2f:1484:60e1 at port 445
convert_string_handle: E2BIG: convert_string(UTF-8,CP850): srclen=46 destlen=16 error: No more room
Connecting to 2620:52:0:25aa:84ed:7d2f:1484:60e1 at port 139
Connecting to 10.37.170.126 at port 445
convert_string_handle: E2BIG: convert_string(UTF-8,CP850): srclen=46 destlen=16 error: No more room
Connecting to 10.37.170.126 at port 139
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 0
SO_SNDBUF = 46080
SO_RCVBUF = 364160
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
cli_session_creds_prepare_krb5: Doing kinit for Administrator.IDM.LAB.ENG.BRQ.REDHAT.COM to access vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com
kerberos_kinit_password_ext: as Administrator.IDM.LAB.ENG.BRQ.REDHAT.COM using [MEMORY:cliconnect] as ccache and config [/var/lib/samba/lock/smb_krb5/krb5.conf._JOIN_]
smb_krb5_trace_cb: [11573] 1597138770.543696: Getting initial credentials for Administrator.IDM.LAB.ENG.BRQ.REDHAT.COM
smb_krb5_trace_cb: [11573] 1597138770.543697: Unrecognized enctype name in default_tkt_enctypes: DES-CBC-CRC
smb_krb5_trace_cb: [11573] 1597138770.543698: Unrecognized enctype name in default_tkt_enctypes: DES-CBC-MD5
smb_krb5_trace_cb: [11573] 1597138770.543700: Sending unauthenticated request
smb_krb5_trace_cb: [11573] 1597138770.543701: Sending request (230 bytes) to DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM
smb_krb5_trace_cb: [11573] 1597138770.543702: Resolving hostname 10.37.170.126
smb_krb5_trace_cb: [11573] 1597138770.543703: Sending initial UDP request to dgram 10.37.170.126:88
smb_krb5_trace_cb: [11573] 1597138770.543704: Received answer (209 bytes) from dgram 10.37.170.126:88
smb_krb5_trace_cb: [11573] 1597138770.543705: Sending DNS URI query for _kerberos.DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM.
smb_krb5_trace_cb: [11573] 1597138770.543706: No URI records found
smb_krb5_trace_cb: [11573] 1597138770.543707: Sending DNS SRV query for _kerberos-master._udp.DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM.
smb_krb5_trace_cb: [11573] 1597138770.543708: Sending DNS SRV query for _kerberos-master._tcp.DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM.
smb_krb5_trace_cb: [11573] 1597138771.010839: No SRV records found
smb_krb5_trace_cb: [11573] 1597138771.010840: Response was not from master KDC
smb_krb5_trace_cb: [11573] 1597138771.010841: Received error from KDC: -1765328359/Additional pre-authentication required
smb_krb5_trace_cb: [11573] 1597138771.010844: Preauthenticating using KDC method data
smb_krb5_trace_cb: [11573] 1597138771.010845: Processing preauth types: PA-PK-AS-REQ (16), PA-PK-AS-REP_OLD (15), PA-ETYPE-INFO2 (19), PA-ENC-TIMESTAMP (2)
smb_krb5_trace_cb: [11573] 1597138771.010846: Selected etype info: etype rc4-hmac, salt "", params ""
smb_krb5_trace_cb: [11573] 1597138771.010847: AS key obtained for encrypted timestamp: rc4-hmac/A4BB
smb_krb5_trace_cb: [11573] 1597138771.010849: Preauth module encrypted_timestamp (2) (real) returned: -1765328206/Cryptosystem internal error
smb_krb5_trace_cb: [11573] 1597138771.010850: Retrying AS request with master KDC
smb_krb5_trace_cb: [11573] 1597138771.010851: Getting initial credentials for Administrator.IDM.LAB.ENG.BRQ.REDHAT.COM
smb_krb5_trace_cb: [11573] 1597138771.010852: Unrecognized enctype name in default_tkt_enctypes: DES-CBC-CRC
smb_krb5_trace_cb: [11573] 1597138771.010853: Unrecognized enctype name in default_tkt_enctypes: DES-CBC-MD5
smb_krb5_trace_cb: [11573] 1597138771.010855: Sending unauthenticated request
smb_krb5_trace_cb: [11573] 1597138771.010856: Sending request (230 bytes) to DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM (master)
smb_krb5_trace_cb: [11573] 1597138771.010857: Sending DNS URI query for _kerberos.DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM.
smb_krb5_trace_cb: [11573] 1597138771.010858: No URI records found
smb_krb5_trace_cb: [11573] 1597138771.010859: Sending DNS SRV query for _kerberos-master._udp.DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM.
smb_krb5_trace_cb: [11573] 1597138771.010860: Sending DNS SRV query for _kerberos-master._tcp.DOM-067.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM.
smb_krb5_trace_cb: [11573] 1597138771.010861: No SRV records found
Kinit for Administrator.IDM.LAB.ENG.BRQ.REDHAT.COM to access vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com failed: Generic preauthentication failure
cli_session_setup_spnego_send: Connect to vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com as Administrator.IDM.LAB.ENG.BRQ.REDHAT.COM using SPNEGO
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
smb_gss_krb5_import_cred ccache[MEMORY:cliconnect] failed with [Unspecified GSS failure. Minor code may provide more information: No credentials cache found] -the caller may retry after a kinit.
Failed to start GENSEC client mech gse_krb5: NT_STATUS_INTERNAL_ERROR
Starting GENSEC submechanism ntlmssp
negotiate: struct NEGOTIATE_MESSAGE
Signature : 'NTLMSSP'
MessageType : NtLmNegotiate (1)
NegotiateFlags : 0x62088215 (1644724757)
1: NTLMSSP_NEGOTIATE_UNICODE
0: NTLMSSP_NEGOTIATE_OEM
1: NTLMSSP_REQUEST_TARGET
1: NTLMSSP_NEGOTIATE_SIGN
0: NTLMSSP_NEGOTIATE_SEAL
0: NTLMSSP_NEGOTIATE_DATAGRAM
0: NTLMSSP_NEGOTIATE_LM_KEY
0: NTLMSSP_NEGOTIATE_NETWARE
1: NTLMSSP_NEGOTIATE_NTLM
0: NTLMSSP_NEGOTIATE_NT_ONLY
0: NTLMSSP_ANONYMOUS
0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
0: NTLMSSP_TARGET_TYPE_DOMAIN
0: NTLMSSP_TARGET_TYPE_SERVER
0: NTLMSSP_TARGET_TYPE_SHARE
1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
0: NTLMSSP_NEGOTIATE_IDENTIFY
0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
0: NTLMSSP_NEGOTIATE_TARGET_INFO
1: NTLMSSP_NEGOTIATE_VERSION
1: NTLMSSP_NEGOTIATE_128
1: NTLMSSP_NEGOTIATE_KEY_EXCH
0: NTLMSSP_NEGOTIATE_56
DomainNameLen : 0x0000 (0)
DomainNameMaxLen : 0x0000 (0)
DomainName : *
DomainName : ''
WorkstationLen : 0x0000 (0)
WorkstationMaxLen : 0x0000 (0)
Workstation : *
Workstation : ''
Version: struct ntlmssp_VERSION
ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6)
ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1)
ProductBuild : 0x0000 (0)
Reserved: ARRAY(3)
[0] : 0x00 (0)
[1] : 0x00 (0)
[2] : 0x00 (0)
NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (15)
gensec_update_send: ntlmssp[0x558059e379d0]: subreq: 0x558059e1a850
gensec_update_send: spnego[0x558059e35e30]: subreq: 0x558059e41550
gensec_update_done: ntlmssp[0x558059e379d0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x558059e1a850/../../auth/ntlmssp/ntlmssp.c:181]: state[2] error[0 (0x0)] state[struct gensec_ntlmssp_update_state (0x558059e1aa00)] timer[(nil)] finish[../../auth/ntlmssp/ntlmssp.c:215]
gensec_update_done: spnego[0x558059e35e30]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x558059e41550/../../auth/gensec/spnego.c:1629]: state[2] error[0 (0x0)] state[struct gensec_spnego_update_state (0x558059e41700)] timer[(nil)] finish[../../auth/gensec/spnego.c:2113]
Got challenge flags:
Got NTLMSSP neg_flags=0x62898215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_TARGET_TYPE_DOMAIN
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
challenge: struct CHALLENGE_MESSAGE
Signature : 'NTLMSSP'
MessageType : NtLmChallenge (0x2)
TargetNameLen : 0x000e (14)
TargetNameMaxLen : 0x000e (14)
TargetName : *
TargetName : 'DOM-067'
NegotiateFlags : 0x62898215 (1653178901)
1: NTLMSSP_NEGOTIATE_UNICODE
0: NTLMSSP_NEGOTIATE_OEM
1: NTLMSSP_REQUEST_TARGET
1: NTLMSSP_NEGOTIATE_SIGN
0: NTLMSSP_NEGOTIATE_SEAL
0: NTLMSSP_NEGOTIATE_DATAGRAM
0: NTLMSSP_NEGOTIATE_LM_KEY
0: NTLMSSP_NEGOTIATE_NETWARE
1: NTLMSSP_NEGOTIATE_NTLM
0: NTLMSSP_NEGOTIATE_NT_ONLY
0: NTLMSSP_ANONYMOUS
0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
1: NTLMSSP_TARGET_TYPE_DOMAIN
0: NTLMSSP_TARGET_TYPE_SERVER
0: NTLMSSP_TARGET_TYPE_SHARE
1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
0: NTLMSSP_NEGOTIATE_IDENTIFY
0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
1: NTLMSSP_NEGOTIATE_TARGET_INFO
1: NTLMSSP_NEGOTIATE_VERSION
1: NTLMSSP_NEGOTIATE_128
1: NTLMSSP_NEGOTIATE_KEY_EXCH
0: NTLMSSP_NEGOTIATE_56
ServerChallenge : 5e08ab9d1507d787
Reserved : 0000000000000000
TargetInfoLen : 0x0130 (304)
TargetInfoMaxLen : 0x0130 (304)
TargetInfo : *
TargetInfo: struct AV_PAIR_LIST
count : 0x00000007 (7)
pair: ARRAY(7)
pair: struct AV_PAIR
AvId : MsvAvNbDomainName (0x2)
AvLen : 0x000e (14)
Value : union ntlmssp_AvValue(case 0x2)
AvNbDomainName : 'DOM-067'
pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x1)
AvNbComputerName : 'VM-067'
pair: struct AV_PAIR
AvId : MsvAvDnsDomainName (0x4)
AvLen : 0x004c (76)
Value : union ntlmssp_AvValue(case 0x4)
AvDnsDomainName : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
AvLen : 0x005a (90)
Value : union ntlmssp_AvValue(case 0x3)
AvDnsComputerName : 'vm-067.dom-067.abc.idm.lab.eng.brq.redhat.com'
pair: struct AV_PAIR
AvId : MsvAvDnsTreeName (0x5)
AvLen : 0x004c (76)
Value : union ntlmssp_AvValue(case 0x5)
AvDnsTreeName : 'dom-067.abc.idm.lab.eng.brq.redhat.com'
pair: struct AV_PAIR
AvId : MsvAvTimestamp (0x7)
AvLen : 0x0008 (8)
Value : union ntlmssp_AvValue(case 0x7)
AvTimestamp : Tue Aug 11 04:38:17 2020 EDT
pair: struct AV_PAIR
AvId : MsvAvEOL (0x0)
AvLen : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
Version: struct ntlmssp_VERSION
ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6)
ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1)
ProductBuild : 0x1db1 (7601)
Reserved : 000000
NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (0xF)
gensec_update_send: ntlmssp[0x558059e379d0]: subreq: 0x558059e354a0
gensec_update_send: spnego[0x558059e35e30]: subreq: 0x558059e3e610
gensec_update_done: ntlmssp[0x558059e379d0]: NT_STATUS_NO_MEMORY tevent_req[0x558059e354a0/../../auth/ntlmssp/ntlmssp.c:181]: state[3] error[-7963671676338569193 (0x917B5ACDC0000017)] state[struct gensec_ntlmssp_update_state (0x558059e35650)] timer[(nil)] finish[../../auth/ntlmssp/ntlmssp.c:218]
gensec_spnego_client_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_NO_MEMORY
gensec_update_done: spnego[0x558059e35e30]: NT_STATUS_NO_MEMORY tevent_req[0x558059e3e610/../../auth/gensec/spnego.c:1629]: state[3] error[-7963671676338569193 (0x917B5ACDC0000017)] state[struct gensec_spnego_update_state (0x558059e3e7c0)] timer[(nil)] finish[../../auth/gensec/spnego.c:2036]
SPNEGO login failed: {Not Enough Quota} Not enough virtual memory or paging file quota is available to complete the specified operation.
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : 'CI-VM-10-0-136-$'
netbios_domain_name : NULL
dns_domain_name : NULL
forest_name : NULL
dn : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : NULL
domain_sid : (NULL SID)
modified_config : 0x00 (0)
error_string : 'failed to lookup DC info for domain 'dom-067.abc.idm.lab.eng.brq.redhat.com' over rpc: {Not Enough Quota} Not enough virtual memory or paging file quota is available to complete the specified operation.'
domain_is_ad : 0x00 (0)
set_encryption_types : 0x00000000 (0)
krb5_salt : NULL
result : WERR_NOT_ENOUGH_MEMORY
return code = -1
ah, wait, let me check with AES keys ... (In reply to Sumit Bose from comment #8) > ah, wait, let me check with AES keys ... ok, sorry for the noise, with AES keys available using '-k' is working as you have expected. bye, Sumit Upstream: - f5a5b00033a3d9d55cb8661d1cf5e63facc1ea72 Tested with following data:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: TEST PROTOCOL
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Test run ID : 3758001
Package : realmd
Installed : realmd-0.16.3-19.el8.x86_64
:: [ 09:36:58 ] :: [ BEGIN ] :: Running 'mv /etc/samba/smb.conf /etc/samba/smb.conf_bk'
:: [ 09:36:58 ] :: [ PASS ] :: Command 'mv /etc/samba/smb.conf /etc/samba/smb.conf_bk' (Expected 0, got 0)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Duration: 16s
:: Assertions: 23 good, 0 bad
:: RESULT: PASS (Setup)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Join with membership software: samba
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [ 09:36:58 ] :: [ BEGIN ] :: Running 'echo Pass2012! | kinit Amy.QE'
Password for Amy.QE:
:: [ 09:37:01 ] :: [ PASS ] :: Command 'echo Pass2012! | kinit Amy.QE' (Expected 0, got 0)
:: [ 09:37:01 ] :: [ BEGIN ] :: Running 'realm -v join --membership-software=samba --client-software=winbind ad.baseos.qe'
* Resolving: _ldap._tcp.ad.baseos.qe
* Performing LDAP DSE lookup on: 10.37.152.14
* Successfully discovered: ad.baseos.qe
* Required files: /usr/libexec/oddjob/mkhomedir, /usr/sbin/oddjobd, /usr/bin/wbinfo, /usr/sbin/winbindd, /usr/bin/net
* Joining using a truncated netbios name: CI-VM-10-0-139-
* LANG=C LOGNAME=root KRB5CCNAME=/var/cache/realmd/realm-ad-kerberos-N3A7P0 /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.SGA7P0 -k ads join ad.baseos.qe
Using short domain name -- AD
Joined 'CI-VM-10-0-139-' to dns domain 'ad.baseos.qe'
No DNS domain configured for ci-vm-10-0-139-. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
* LANG=C LOGNAME=root KRB5CCNAME=/var/cache/realmd/realm-ad-kerberos-N3A7P0 /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.SGA7P0 -k ads keytab create
* /usr/bin/systemctl enable winbind.service
Created symlink /etc/systemd/system/multi-user.target.wants/winbind.service → /usr/lib/systemd/system/winbind.service.
* /usr/bin/systemctl restart winbind.service
* /usr/bin/sh -c /usr/bin/authselect select winbind with-mkhomedir --force && /usr/bin/systemctl enable oddjobd.service && /usr/bin/systemctl start oddjobd.service
Backup stored at /var/lib/authselect/backups/2020-09-02-13-37-29.iYcpfV
Profile "winbind" was selected.
The following nsswitch maps are overwritten by the profile:
- passwd
- group
Make sure that winbind service is configured and enabled. See winbind documentation for more information.
- with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module
is present and oddjobd service is enabled and active
- systemctl enable --now oddjobd.service
Created symlink /etc/systemd/system/multi-user.target.wants/oddjobd.service → /usr/lib/systemd/system/oddjobd.service.
* Successfully enrolled machine in realm
:: [ 09:37:29 ] :: [ PASS ] :: Command 'realm -v join --membership-software=samba --client-software=winbind ad.baseos.qe' (Expected 0, got 0)
marking verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (realmd bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4601 |