After MANY MANY searches, I have been unable to find a solution to this issue. Here's the setup:
Windows Server 2008 R2
CentOS Samba client version 3.2.4-0.22
When attempting to join AD, originally I was getting 'KDC - No support for encryption type' I then added:
default_tkt_enctypes = rc4-hmac des-cbc-md5
default_tgs_enctypes = rc4-hmac des-cbc-md5
to my krb5.conf This was after the suggestions of using DES for the domain admin user. In this case, DES was turned off and that issue was resolved. From there, I can run kinit user@DOMAIN.COM and pull a ticket noted by klist. kdestroy
removes the ticket. When I attempt to join in my lab, all is well. In the field however, I am now getting: "kinit client credentials have been revoked" After setting the DNS to the DC and syncing the time with the DC, I have attempted the
1. Reset the domain admin account password - No change
2. Delete the computer account - The computer account is created when attempting to join; however, the same error is thrown with the box not being joined.
3. Delete the computer account and manually create it - No change
4. Add computer account to domain admin group - no change
I'm sure i'm forgetting some things as I've been working on this off and on for weeks. I should note: I am NOT getting "client credentials have been revoked while getting initial credentials" I am getting "kerberos_kinit_password COMPUTER@DOMAIN.COM
failed: Clients credentials have been revoked"
This machine was previously joined to the domain. In my lab environment, this is fully functional and works with the same PC. I'm hoping someone has some experience with this issue or some direction.
Dipindahkan olehDon Pattee25 Maret 2012 5:55Windows Server q (From:Windows HPC Server Deployment, Management, and Administration)