I'm trying to join Active Directory in Xubuntu 16.04 in a enterprise business enviroment so I'll change the name of my REALM by MY.EXAMPLE.CORP. My issue is: when I run
net ads join -U Administrator
it asks me the password for the AD administrator account, I put the password but it stills there, it doesn't give an error or success message. Just still there. The terminal just hanged in there
I tried the kinit and klist commands and the result is:
Tickect cache: FILE:/tmp/krb5cc_0
Default principal: Administrator@MY.EXAMPLE.CORP
Valid starting Expires Service principal
11/11/16 09:58:40 11/11/16 19:58:40 krbgt/MY.EXAMPLE.CORP@MY.EXAMPLE.CORP
renew until 12/11/16 09:58:34
These are the changes that I've done in every file. krb5.conf, smb.conf, nsswitch.conf
krb5.conf
[libdefaults]
default_realm = MY.DOMAIN.CORP
....
[realms]
DOMAIN = {
kdc = SERVER01.MY.DOMAIN.CORP
kdc = SERVER02.MY.DOMAIN.CORP
admin_server = SERVER01.MY.DOMAIN.CORP SERVER.MY.DOMAIN.CORP
default_domain = MY.DOMAIN.CORP
}
....
[domain_realm]
SERVER01.MY.DOMAIN.CORP = MY.DOMAIN.CORP
SERVER02.MY.DOMAIN.CORP = MY.DOMAIN.CORP
.MY.DOMAIN.CORP = MY.DOMAIN.CORP
MY.DOMAIN.CORP = MY.DOMAIN.CORP
smb.conf
[global]
workgroup = MYWORKGROUP
realm = MY.DOMAIN.CORP
security = ADS
encrypt passwords = yes
password server = SERVER01.MY.DOMAIN.CORP SERVER02.MYDOMAIN.CORP
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = true
template homedir = /home/%D/%U
template shell = /bin/bash
winbind use default domain = yes
restrict anonymous = 2
winbind offline logon = yes
nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat
