CentOS domain integration

General support questions
madlu
Posts: 2
Joined: 2018/02/09 08:49:23

CentOS domain integration

Postby madlu » 2018/02/09 09:03:56

I have successfully integrated my CentOS7 Workstation to a Windows Domain and it works great most of the time. My issue is that every once in a while the users cannot login. I have found out, that the domain service only tries the first DC server address listed in /etc/krb5.conf. I haven't been successful in googling a solution. Have any of you come across this issue before?

Here is an "anonymized" version of my /etc/krb5.conf:

Code: Select all

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = XXX.YYY.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true
 rdns = false
 default_ccache_name = KEYRING:persistent:%{uid}

[realms]
# EXAMPLE.COM = {
#  kdc = kerberos.example.com
#  admin_server = kerberos.example.com
# }

 XXX.YYY.COM = {
  kdc = dc16.xxx.yyy.com
   kdc = dc17.xxx.yyy.com
   kdc = dc18.xxx.yyy.com
   kdc = dc19.xxx.yyy.com
   }

[domain_realm]
# .example.com = EXAMPLE.COM
# example.com = EXAMPLE.COM

 .xxx.yyy.com = XXX.YYY.COM
 xxx.yyy.com = XXX.YYY.COM

Jojo987
Posts: 3
Joined: 2018/01/23 11:11:37

Re: CentOS domain integration

Postby Jojo987 » 2018/02/12 09:30:03

Hey guy ,are you achieve you domain ?

madlu
Posts: 2
Joined: 2018/02/09 08:49:23

Re: CentOS domain integration

Postby madlu » 2018/02/12 10:53:11

Hi, I am not sure, I understand your question. Please rephrase :)