On (12/06/17 15:30), Abhijit Tikekar wrote: > >Hi, > >We recently started facing this error on all new servers that need to be >integrated with AD using SSSD. Every time “net ads join -k” command is issued, >following error is returned: >“Failed to join domain: failed to lookup DC info for domain X.Y.LOCAL' over >rpc: NT_STATUS_CONNECTION_RESET”. [ In the packet capture, we do see reset’s >coming from DC] >
This errors does not seem to be related to sssd. >This is also happening on servers already connected with AD. Same error, >although since they already have established join, authentication continues to >work. Also, noticed that after doing “net ads keytab create”, keytab file is >no longer getting generated under /etc. > >AD team has recently disabled SMB V1 completely on the domain controllers. >Could that be somehow causing this? I tried setting “client max protocol = >SMB3” in smb.conf but that didn’t help. >[ for " net ads keytab add" or " net ads keytab create" it now says: >Ignoring unknown parameter "client max protocol"] > So is the problem with the utility net from the package samba or with sssd? LS _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
