Domain authentication fail after domain server windows update

WSchanz · June 12, 2020, 1:46pm

Hi, today suddenly the authentication of UCS at AD-Domain is not working. Probably caused by the domain server windows update running this night.
Try to reconnect by reset the domain computer account fails with ERROR_DNS_UPDATE_FAILED.

root@mmnucs:~# kinit --no-addresses --password-file=/etc/machine.secret MMNUCS
kinit: krb5_get_init_creds: unable to reach any KDC in realm IBMMN.LOCAL
root@mmnucs:~#
root@mmnucs:~# net ads join -U Admin machinepass=xxxxxxxxxxxxxxxx
Enter Admin’s password:
Using short domain name – IBMMN
Joined ‘MMNUCS’ to dns domain ‘IBMMN.local’
DNS Update for mmnucs.ibmmn.local failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL
root@mmnucs:~#

I can login only as root - all domain accounts are not working.
How to go further to find a solution?

Thanks in advance

externa1 · June 13, 2020, 7:57pm

you should not use a .local domain (for information google mDNS)

I already migrated all of my old .local Domains as it is impossible to join linux pc’s to ad domain with .local

rg
Christian

WSchanz · June 15, 2020, 5:05am

Thanks for advise but I can’t change the entire domain structure right now. I don’t believe that this is the problem cause it runs for several years using this domain.

More information: ucs server ist installed in “Member mode”
Try to set up a fresh UCS system fails at joining ad domain too.