Problem

If a host has been offline for a while, the AD computer password may have expired and the kerberos ticket may also have expired.

If you try to run adjoin in this condition, it will fail with the following error:

Could not use any valid credentials in keytab
or default machine password.
Try to get a ticket using "kinit" or
reset the machine account in the AD.

klist will probably produce output, depending on platform, similiar to the following:

BoKS# klist

klist: No ticket file: /tmp/krb5cc_0

or

Credentials cache: FILE:/tmp/krb5cc_0
Principal: Administrator@MYDOMAIN.COM


Issued Expires Principal
May 28 13:18:17 2015 >>>Expired<<< krbtgt/MYDOMAIN.COM@MYDOMAIN.COM

Solution

Run kinit to get a valid ticket:

BoKS# kinit boks_ad@MYDOMAIN.COM

boks_ad@MYDOMAIN.COM's Password:

BoKS# klist

Credentials cache: FILE:/tmp/krb5cc_0

Principal: boks_ad@MYDOMAIN.COM

Issued Expires Principal

Feb 12 06:00:48 Feb 12 16:00:48 krbtgt/MYDOMAIN.COM@MYDOMAIN.COM

Then try the adjoin again:

BoKS# adjoin join MYDOMAIN.COM

In this example, the boks_ad user is the AD user with appropriate administrative permissions to join computers to the domain.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: June 28, 2019