Posted 19 August, 2020
How complex is joining a windows domain to authenticate on a Centos 8 server? very freaking hard. Welcome in 2020, everything is on fire and we are still locked up.
This is a collection of debug attempts to get my Proxmox container, test Centos 8 server authenticate against a domain. For ssh access.
kinit
normal use :
kinit [email protected]
Error : Invalid UID in persistent keyring
kinit: Invalid UID in persistent keyring name while getting default ccache
Solution : comment # default_ccache_name = KEYRING:persistent:%{uid}
on
/etc/krb5.conf
by brunowego
note : this solution from RedHat, is just a syntax error. (not a real solution)
kinit: KDC reply did not match expectations while getting initial credentials
This happened during test of kinit -v
kinit -V [email protected] Using default cache: /tmp/krb5cc_0 Using principal: [email protected] Password for [email protected] kinit: KDC reply did not match expectations while getting initial credentials
The issue was here I had to use AD.DOMAIN.COM
kinit: Password incorrect while getting initial credentials
wrong password during kinit -v [email protected]
klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]
Valid starting Expires Service principal
08/19/2020 16:50:08 08/20/2020 02:50:08 krbtgt/[email protected]
renew until 08/25/2020 16:50:08
If you enjoyed this article, please consider buying me a Dr Pepper.
Fuel the beast!
Buy me a Dr Pepper
[…] after my rage post a few weeks back, I finally managed to let Centos 8 talk to AD server for authentication and […]