I'm using Astaro 7.405 and am unable to join the box to the domain.
I have the Bind DN correct as I've got the Active Directory configuration completed, it tests out just fine.
When I try to configure SSO, I always get the error message "Joining the Domain Failed".
I've referred to other posts on the forum. I have a DNS forwarder to resolve the internal FQDN of the host. I made sure the time matches on both the DC and the Astaro box. The AD config tests out fine. I've used multiple different users to add the server to AD. I've tried creating a pre-Windows2000 object. That doesn't work anyway; the computer object gets deleted anyway as soon as I try to join the Astaro box to the domain. I added the Astaro box to DNS as an A record.
Not only does the active directory configuration work, I can get LDAP to work. But, I would like to get SSO to work.
The domain is a Windows 2003 native setup. The DC is Windows 2003 R2, SP2, patches all up to date.
When I look at the security event log, the users I'm attempting to use to add the Astaro box to AD gets success messages.
The error log on the Astaro box shows:
astaro [user:err] net:[current date] libads/kerberos_keytab.c:ads_keytab_add_entry(291)
astaro [user:err] net: ads_keytab_add_entry: unable to determine machine account's dns name in AD
But, I don't know why that comes up that way. I can resolve the FQDN just fine against the AD DNS server.
I've tried both with the A record in DNS and without. Both with and without the machine account in AD. No luck in any of the cases.
Has anyone else experienced this?
Thank you
This thread was automatically locked due to age.
