Attempting to join to domain or log in with an AD user and receiving the following error:
"KRB5_KDC_UNREACH (-1765328228): Cannot contact any KDC for requested realm
Reason: unable to reach any KDC in realm <Domain Name>"
There may be a problem with the DNS setup.
In the /etc/nsswitch.conf file:
The entry for hosts did not have dns (see Resolution).
Another possible problem is the firewall configuration. Make sure that all required ports are open to domains (including root domain).
Edit the /etc/nsswitch.conf file:
passwd: files vas3
group: files vas3
hosts: files dns
Enter your DNS server
/opt/quest/bin/vastool configure vas libvas use-tcp-only true
Correct firewall rules to open up all required ports
Please peform DNS troubleshooting:
Did you create a SRV record for the Unix machine in your DNS?
Can you ping the unix client from DC?
Can you ping the DC from the Unix machine?
Can you ping the domain?
nslookup <DC FQDN>
If you are still having problem, open up a case with Tech support and send the resultant data of the following commands done from the client:
1. /opt/quest/bin/preflight <your domain.com> 2>&1 | tee /tmp/preflight
2. Please add -d5 to the join command and pipe the ouput of the command to a file like below:
Vastool -d5 -u <user> join <your domain> <add other options for your environment> 2>&1 | tee /tmp/vastooljoin_debug
It will create vas_snapshot.(machine-name).tar.gz file in your /tmp directory. Please send me the vas_snapshot.(machine-name).tar.gz file.