我想使用realmd从Ubuntu 14.04 LTS加入Active Directory域.
为此,我只使用此命令安装了realmd和一些依赖项:aptitude install realmd sssd sssd-tools samba-common krb5-user.
安装完成后,我尝试使用命令realm加入我的域名–verbose join ad.example.com -U管理员要求输入管理员密码,但是这些输出崩溃了:
* Resolving: _ldap._tcp.ad.example.com * Performing LDAP DSE lookup on: 10.7.0.2 * Successfully discovered: ad.example.com Password for Administrator: * Unconditionally checking packages * Resolving required packages * Installing necessary packages: samba-common-bin * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.QARGGX -U Administrator ads join ad.example.com Enter Administrator's password:DNS update Failed: NT_STATUS_INVALID_ParaMETER Using short domain name -- AD-EXAMPLE Joined 'REALMD-TEST' to dns domain 'ad.example.com' No DNS domain configured for realmd-test. Unable to perform DNS Update. * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.QARGGX -U Administrator ads keytab create Enter Administrator's password: realm: Couldn't join realm: Message did not receive a reply (timeout by message bus)
在那些erros realmd甚至无法工作之后,使用realmd发出的任何命令都会返回:
realm: Couldn't connect to realm service: Error calling StartServiceByName for org.freedesktop.realmd: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildSignaled: Process /usr/lib/dbus-1.0/dbus-daemon-launch-helper received signal 11
文件/etc/sssd/sssd.conf似乎正确创建,并且/etc/nsswitch.conf相应地进行了修改.但这还不足以成功加入域名.
我概述了完成这项工作所需的所有步骤.有关安装包的一系列错误.所有底层软件都运行良好,但您必须采取一些步骤才能使工作正常:
http://funwithlinux.net/2014/04/join-ubuntu-14-04-to-active-directory-domain-using-realmd
精简版:
[服务]
自动安装=否
>接下来,安装以下软件包:samba-common-bin,samba-libs,sssd-tools,krb5-user,adcli
>获取AD用户的kerberos票证.
>使用新用户主体(在一行上)加入无人参与模式:
领域–verbose join localdomain.xx –user-principal=myubuntuserver/DomainAdmin@LOCALDOMAIN.XX –unattended
>您提到的错误与sssd中的已知错误(至少目前Fedora / RH已知)有关.对选项use_fully_qualified_names = True的sssd段错误,所以继续并注释掉该选项并重新启动sssd.
