Hi,

I am working on configuring sssd on SLES 12 SP2 to connect with AD using the following doc

https://www.suse.com/support/kb/doc/?id=7022002

We have modified krb5.conf , smb.conf and /etc/hosts as mentioned in the doc... however we are getting the following error when we try to join the domain

net ads join -k

IP-TD-03837-J5C:/etc/init.d # net ads join -k
Failed to join domain: failed to lookup DC info for domain 'CPGGPC.CA' over rpc: Memory allocation error

I have tried various combinations of lower /upper case realm / server names etc but keep getting the same error. Please see below the config

Would really appreciate any help in resolving this issue

Configure /etc/krb5.conf

[libdefaults]

default_realm = cpggpc.ca
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false

cpggpc.ca = {
kdc = ip-w-00260-g5e.cpggpc.ca
master_kdc = ip-w-00261-g5e.cpggpc.ca
admin_server = ip-w-00261-g5e.cpggpc.ca
}

[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICEAEMON

[domain_realm]
.ad.domain.com = cpggpc.ca
ad.domain.com = cpggpc.ca


configure /etc/samba/smb.conf

Configure /etc/samba/smb.conf

[global]
workgroup = cpggpc.ca
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
idmap gid = 10000-20000
idmap uid = 10000-20000
realm = cpggpc.ca
security = ADS
template homedir = /home/%u
template shell = /bin/bash
winbind refresh tickets = yes
winbind use default domain = yes
kerberos method = secrets and keytab
client signing = yes
client use spnego = yes

- Configure /etc/hosts

10.237.90.16 ip-w-00260-g5e ip-w-00260-g5e.cpggpc.ca


- Join the SLES 12 Server to the AD domain

kinit Administrator

net ads join -k

error when relam = cpggpc.ca (in smb.conf)
IP-TD-03837-J5C:/etc/init.d # net ads join -k
Failed to join domain: failed to lookup DC info for domain 'CPGGPC.CA' over rpc: Memory allocation error

error when realm = ip-w-00260-g5e.cpggpc.ca (in smb.conf)
IP-TD-03837-J5C:/etc/init.d # net ads join -k
Failed to join domain: failed to find DC for domain CPGGPC.CA