我正在尝试加入Ubuntu Server 16.04.3(全新安装)加入AD遵循指南
https://www.starwindsoftware.com/blog/ubuntu-join-a-server-to-an-active-directory-domain
/etc/krb5.conf包含如下:
[libdefaults] ticket_lifetime = 24000 default_realm = mydomain.local default_tgs_entypes = rc4-hmac des-cbc-md5 default_tkt__enctypes = rc4-hmac des-cbc-md5 permitted_enctypes = rc4-hmac des-cbc-md5 dns_lookup_realm = true dns_lookup_kdc = true dns_fallback = yes [realms] mydomain.local = { kdc = pdc.mydomain.local kdc = sdc.mydomain.local default_domain = pdc.mydomain.local } [domain_realm] .mydomain.local = pdc.mydomain.local mydomain.local = pdc.mydomain.local [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log
运行sudo kinit domainuser我收到错误:kinit:初始化Kerberos 5库时Kerberos配置文件的格式不正确.谷歌搜索我发现了CentOS7 Kerberos Auth: Improper format of Kerberos configuration file;.我已经检查了/etc/krb5.conf语法没有错误.
也许更简单的配置进行故障排除? (另外,注意大写,即使看起来很随意也很重要.)
[libdefaults] default_realm = MYDOMAIN.LOCAL ticket_lifetime = 24h renew_lifetime = 7d dns_lookup_realm = false [realms] MYDOMAIN.LOCAL = { kdc = pdc.mydomain.local kdc = sdc.mydomain.local } [domain_realm] mydomain.local = MYDOMAIN.LOCAL .mydomain.local = MYDOMAIN.LOCAL [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log
如果这样做,您可以开始添加其他设置,直到出现故障.