Forgot to mention these details earlier. OS : CentOS 6.9
Samba: samba-3.6.23-43.el6_9.x86_64 Thanks, ~ abhi Sent from my iPhone > On Jun 12, 2017, at 3:30 PM, Abhijit Tikekar <[email protected]> wrote: > > > Hi, > > We recently started facing this error on all new servers that need to be > integrated with AD using SSSD. Every time “net ads join -k” command is > issued, following error is returned: > “Failed to join domain: failed to lookup DC info for domain X.Y.LOCAL' over > rpc: NT_STATUS_CONNECTION_RESET”. [ In the packet capture, we do see reset’s > coming from DC] > > This is also happening on servers already connected with AD. Same error, > although since they already have established join, authentication continues > to work. Also, noticed that after doing “net ads keytab create”, keytab file > is no longer getting generated under /etc. > > AD team has recently disabled SMB V1 completely on the domain controllers. > Could that be somehow causing this? I tried setting “client max protocol = > SMB3” in smb.conf but that didn’t help. > [ for " net ads keytab add" or " net ads keytab create" it now says: > Ignoring unknown parameter "client max protocol"] > > > How can I further troubleshoot this issue? > > > Thanks, > > ~ abhi
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
