Hello, sorry for taking so long to get to this bug. realmd was recently promoted to main and I'm going over the existing bugs to see what I can fix with an update I'm preparing.
I tried your use case here with a 2019 windows ad server, and it worked. Here is what I did: - created an OU called "linux computers" (note the whitespace) right beside the existing computers one. It became "OU=linux computers,DC=ad1,DC=example,DC=com" - ran this command on the client: ubuntu@g-adclient1:~$ sudo realm join -v --computer-ou="OU=linux computers,DC=ad1,DC=example,DC=com" --os-name=ubuntu --os-version=20.10 --client-software=sssd --automatic-id-mapping=no --membership-software=samba --computer-name=G-ADCLIENT1 ad1.example.com * Resolving: _ldap._tcp.ad1.example.com * Performing LDAP DSE lookup on: 10.51.0.5 * Successfully discovered: ad1.example.com Password for Administrator: * Unconditionally checking packages * Resolving required packages * Joining using a manual netbios name: G-ADCLIENT1 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.DPICQ0 -U Administrator ads join ad1.example.com createcomputer=linux computers osName=ubuntu osVer=20.10 Enter Administrator's password: Using short domain name -- AD1 Joined 'G-ADCLIENT1' to dns domain 'ad1.example.com' * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.DPICQ0 -U Administrator ads keytab create Enter Administrator's password: * /usr/sbin/update-rc.d sssd enable * /usr/sbin/service sssd restart * Successfully enrolled machine in realm ldapsearch confirms the creation in the right place: ubuntu@g-adclient1:~$ ldapsearch -LLL -Y GSSAPI -b "ou=linux computers,dc=ad1,dc=example,dc=com" objectClass=computer dn cn operatingSystem operatingSystemServicePack operatingSystemVersion SASL/GSSAPI authentication started SASL username: administra...@ad1.example.com SASL SSF: 256 SASL data security layer installed. dn: CN=G-ADCLIENT1,OU=linux computers,DC=ad1,DC=example,DC=com cn: G-ADCLIENT1 operatingSystem: ubuntu operatingSystemVersion: 20.10 operatingSystemServicePack: Samba 4.12.5-Ubuntu The error you got: Failed to join domain: failed to precreate account in ou ou=Linux-Clients,ou=Client Computer,ou=alle Computer,dc=DOMAIN: No such object Seems to imply that one or more components of that tree didn't exist. Let me try again with a space elsewhere in the DN, closer to what you have in your example: Ok, now I have OU=linux-computers,OU=client computers,OU=all computers,DC=ad1,DC=example,DC=com Still worked: ubuntu@g-adclient1:~$ sudo realm join -v --computer-ou="OU=linux-computers,OU=client computers,OU=all computers,DC=ad1,DC=example,DC=com" --os-name=ubuntu --os-version=20.10 --client-software=sssd --automatic-id-mapping=no --membership-software=samba --computer-name=G-ADCLIENT1 ad1.example.com * Resolving: _ldap._tcp.ad1.example.com * Performing LDAP DSE lookup on: 10.51.0.5 * Successfully discovered: ad1.example.com Password for Administrator: * Unconditionally checking packages * Resolving required packages * Joining using a manual netbios name: G-ADCLIENT1 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.IAZLQ0 -U Administrator ads join ad1.example.com createcomputer=all computers/client computers/linux-computers osName=ubuntu osVer=20.10 Enter Administrator's password: Using short domain name -- AD1 Joined 'G-ADCLIENT1' to dns domain 'ad1.example.com' * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.IAZLQ0 -U Administrator ads keytab create Enter Administrator's password: * /usr/sbin/update-rc.d sssd enable * /usr/sbin/service sssd restart * Successfully enrolled machine in realm ubuntu@g-adclient1:~$ ldapsearch -LLL -Y GSSAPI -b "OU=all computers,DC=ad1,DC=example,DC=com" dn cn operatingSystem operatingSystemServicePack operatingSystemVersion SASL/GSSAPI authentication started SASL username: administra...@ad1.example.com SASL SSF: 256 SASL data security layer installed. dn: OU=all computers,DC=ad1,DC=example,DC=com dn: OU=client computers,OU=all computers,DC=ad1,DC=example,DC=com dn: OU=linux-computers,OU=client computers,OU=all computers,DC=ad1,DC=example, DC=com dn: CN=G-ADCLIENT1,OU=linux-computers,OU=client computers,OU=all computers,DC= ad1,DC=example,DC=com cn: G-ADCLIENT1 operatingSystem: ubuntu operatingSystemVersion: 20.10 operatingSystemServicePack: Samba 4.12.5-Ubuntu The version of realmd I'm using is 0.16.3-3, but samba has changed since ubuntu 19.10: I have 2:4.12.5+dfsg-3ubuntu3 Do you still experience the issue? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1853572 Title: realm fails with option --computer-ou To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1853572/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
