On Wed, Oct 15, 2014 at 04:46:44PM +0300, Cristian Falcas wrote:
Hello,
I'm trying to login on a machine from domain2 (machine is joined in
domain2) using a user from domain1, but it keeps failing. Also, using pbis
I can login without problems.
Users from domain2 can login successfully. Also, I can login on machines
registered in domain1 using the same user.
Most probably it fails because of this error:
Extended failure message: [SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information (Server
not found in Kerberos database)]
Maybe someone can take a look at the attached logs and give me a hint on
what is wrong?
I'm sorry about the delayed response,
Can you try searching the domain2 AD DC with ldapsearch together with -Y
GSSAPI option?
kinit -k 'V-REPO-OP-02$'
ldapsearch -Y GSSAPI -h AD_DC
Does ldapsearch work against either of your DCs?
How did you obtain the keytab, did you use realmd?