on a to be joined system (with no pre-existing /etc/krb5.keytab)

joining to windows AD now fails (where previously it would succeed)


KRB5_CONFIG=/tmp/YaST2-22963-aVzKaP/krb5.conf net ads join  -s /tmp/YaST2-22963-aVzKaP/smb.conf 

e.g.

pw2kt_process_add_info: Failed to parse principal: RestrictedKrbHost/TW2024
Failed to join domain: failed to create kerberos keytab

where krb5.conf & smb.conf are minimal config (provided as part of yast2 to provision a windows client)


krb5.conf

[realms]
	SOMETESTDOMAIN1.MY.COM = {
	kdc = SomeWinDC.sometestdomain1.my.com
	}

but... it appears adding section



[libdefaults]
	default_realm = SOMETESTDOMAIN1.MY.COM


to krb5.conf fixes the problem.

(In reply to Noel Power from comment #2)

I can remember testing (quite a few years ago) just what was required in /etc/krb5.conf and it turned out it was just that, you do not need the '[realms]' part.

Also, since when did yast run on a Windows machine ?

This bug was referenced in samba master:

cf34645050df64d6b8c4fa45394c3feebe691e79
c72554260c950d0ef7652955a59f0f68a026f4f2

This bug was referenced in samba master:

5cadaf91bc96cd2a8e0f6bcbd8a212e86b714180

Created attachment 18598 [details]
4.22 patch

Created attachment 18599 [details]
4.21 patch

Jule, please integrate the 4.21 and 4.22 patches.

Pushed to autobuild-v4-{22,21}-test.

This bug was referenced in samba v4-21-test:

c0e3cabdb70fe8950813dc083b159cbe72571996
92253a4708b0b0b529df9aa1c97242babce2165c
d7ac6062d61b7d620860dd7e97691edf1c2acd36

This bug was referenced in samba v4-22-test:

3849e7abe6d7b1724ae6ab285e25c22086525d3f
83c60df6e8dd604c4954e1b444b8d2332dbff62b
f8f85cf8533824e0c3fae7e4cac363c692f249c5

Closing out bug report.

Thanks!

This bug was referenced in samba v4-21-stable (Release samba-4.21.5):

c0e3cabdb70fe8950813dc083b159cbe72571996
92253a4708b0b0b529df9aa1c97242babce2165c
d7ac6062d61b7d620860dd7e97691edf1c2acd36

This bug was referenced in samba v4-22-stable (Release samba-4.22.1):

3849e7abe6d7b1724ae6ab285e25c22086525d3f
83c60df6e8dd604c4954e1b444b8d2332dbff62b
f8f85cf8533824e0c3fae7e4cac363c692f249c5

This bug was referenced in samba master:

b5bd36dfd7dfd9a09a3f9378330df3be9db4551f

Created attachment 18636 [details]
4.22 patch

Created attachment 18637 [details]
4.21 patch

Jule, please integrate the 4.21 and 4.22 patches.

Pushed to autobuild-v4-{22,21}-test.

This bug was referenced in samba v4-21-test:

8743dd673afaea23683ce5f82a33b67909b4de73

This bug was referenced in samba v4-22-test:

c9064d2372bff87bbf79c1ee05588a5d71f067c0

Closing out bug report.

Thanks!

This bug was referenced in samba v4-21-stable (Release samba-4.21.6):

8743dd673afaea23683ce5f82a33b67909b4de73

This bug was referenced in samba v4-22-stable (Release samba-4.22.2):

c9064d2372bff87bbf79c1ee05588a5d71f067c0