Время с сервера берётся правильно
Сервер пингуется по полному адресу (edu.sbnedu.local)
В яне откопал команду типа kinit Администратор@SBNEDU.LOCAL
При её применении после ввода пароля выходит: kinit: KDC has no support for encryption type while getting initial credentials
Поменял файл krb5.conf таким образом:
includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = SBNEDU.LOCAL
dns_lookup_kdc = true
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
; для Windows 2003
default_tgs_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
default_tkt_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
permitted_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
rdns = false
#efault_realm = EXAMPLE.COM
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
SBNEDU.LOCAL = {
default_domain = sbnedu.local
kdc = 192.168.30.1
admin_server = 192.168.30.1
}
# EXAMPLE.COM = {
# default_domain = example.com
# }
[domain_realm]
.sbnedu.local = SBNEDU.LOCAL
sbnedu.local = SBNEDU.LOCAL
# .example.com = EXAMPLE.COM
# example.com = EXAMPLE.COM
net ads join -U ADMIN@SBNEDU.LOCAL выдаёт
Failed to join domain: failed to lookup DC info for domain 'SBNEDU.LOCAL' over rpc: {Device Timeout} The specified I/O operation on %hs was not completed before the time-out period expired.