Joins using keytab failing: "ERROR: Failed to establish host credentials: VAS_ERR_CRED_NEEDED: Unable to find a keytab entry".
# vastool -u administrator -k /tmp/administrator.keytab join -f yourdomain.com
Checking whether computer is already joined to a domain ... yes
WARNING: This computer is already joined to domain: yourdomain.com.
The existing configuration will be overwritten.
Overriding and rejoining ... OK
Password for email@example.com:
Unmapping mapped users ... OK
Stopping daemon: vasd ... OK
Configuring forest root ... cpr1.vas ... OK
Configuring site ... Default-First-Site-Name ... OK
Joining computer to the domain as host/username.vintela.com ... OK
Joined using computer object "CN=username,CN=Computers,DC=cpr2,DC=vas" ... OK
Writing vas.conf ... OK
Populating misc cache ... OK
Preparing to apply Group Policy ... OK
Applying Group Policy Settings ... OK
ERROR: Failed to establish host credentials: VAS_ERR_CRED_NEEDED: Unable to
find a keytab entry in /tmp/administrator.keytab for USERNAMEfirstname.lastname@example.org
ERROR: Could not join to the domain
VAS_ERR_CRED_NEEDED: Unable to find a keytab entry in /tmp/administrator.keytab
Product Defect in QAS 184.108.40.206. Fixed in 220.127.116.11 and up.
Issue fixed in version 18.104.22.168. Please note 4.0.3.x version are no longer supported as of 3/16/2015. We recommend you upgrade to a support version as soon as possible.
# vastool configure realm <YOURDOMAIN>
# vastool -k <PATH TO KEYTAB FILE> kinit <SERVICE ACCT>
# vastool join <DOMAIN>
Upgrade to new software. Please go to https://support.oneidentity.com/authentication-services/download-new-releases to download the latest software.