I'm trying to join centos 7 pc into Windows 2012 Active directory. I have installed these package as prerequisites.
sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python
DNS is also resolving. But when I try
realm -v join -U 'administrator' vsis.tec
it's getting this error every time.
[root#centos mnt]# realm -v join -U 'administrator' vsis.tec
* Resolving: _ldap._tcp.vsis.tec
* Performing LDAP DSE lookup on: 172.16.100.5
* Successfully discovered: vsis.tec
Password for administrator:
* Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
* LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.NOG5ZY -U administrator ads join vsis.tec
Enter administrator's password:
Failed to join domain: failed to lookup DC info for domain 'vsis.tec' over rpc: The transport connection has been reset.
! Joining the domain vsis.tec failed
realm: Couldn't join realm: Joining the domain vsis.tec failed
Please help me to figure out the error and join the centos to the AD.
Thank You
Check if you have all the Active Directory ports opened from CentOS...
AD Ports list - https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx
Thanks,
Ashish
Related
I'm following a tutorial here on creating linux containers, and I'm running into the following error which I cannot find an answer to:
$ sudo lxc-create -f lxc-left.conf -t download -n left -- -d fedora -r 26 -a amd64
lxc-create: left: parse.c: lxc_file_for_each_line_mmap: 100 Permission denied - Failed to open file "lxc-left.conf"
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver
lxc-create: left: lxccontainer.c: create_run_template: 1625 Failed to create container from template
lxc-create: left: tools/lxc_create.c: main: 331 Failed to create container left
The permissions for the file are like so:
-rw-rw-rw-. 1 *** domain users 245 Oct 6 13:36 lxc-left.conf
-rw-rw-rw-. 1 *** domain users 248 Oct 6 13:36 lxc-right.conf
So I'm not sure why it would give me a permission denied - unless it expects it to be under a certain group.
For GPG keystring error, I know there's an options of --no-validate but I want to be able to validate with a gpg key. I am behind a proxy but can ping sites like google, etc.
The source code for the error is here
Installed openproject according to the CentOS 7 docs (https://www.openproject.org/download-and-installation/#installation) and after running sudo openproject configure, getting the error output as shown:
➜ ~ sudo openproject configure
Launching installer for openproject...
Selected addons: legacy-installer mysql apache2 repositories smtp memcached openproject
[legacy-installer] ./bin/configure
[mysql] ./bin/configure
DONE
[apache2] ./bin/configure
DONE
[repositories] ./bin/configure
DONE
[smtp] ./bin/configure
DONE
[memcached] ./bin/configure
DONE
[openproject] ./bin/configure
[legacy-installer] ./bin/preinstall
[mysql] ./bin/preinstall
[apache2] ./bin/preinstall
Note: Forwarding request to 'systemctl enable httpd.service'.
[repositories] ./bin/preinstall
[smtp] ./bin/preinstall
[memcached] ./bin/preinstall
No memcached server to install. Skipping.
[openproject] ./bin/preinstall
[legacy-installer] ./bin/postinstall
[mysql] ./bin/postinstall
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES)
Never used MariaDB before, but from some basic checking (installed following https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password)
➜ ~ mysqladmin -u root -p version
Enter password:
mysqladmin Ver 9.0 Distrib 5.5.60-MariaDB, for Linux on x86_64
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Server version 5.5.60-MariaDB
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/lib/mysql/mysql.sock
Uptime: 21 min 38 sec
Threads: 1 Questions: 16 Slow queries: 0 Opens: 7 Flush tables: 2 Open tables: 25 Queries per second avg: 0.012
(where the passsword is just blank) the DB appears to be working and accessible. Removing and re-installing the mariadb-server package does not appear to change the behavior either. Never used openproject or mysql / mariadb before, so any advice on what could be happening here would be appreciated.
Did you choose Install and configure MySQL server locally during the configuration step?
If so, the package should automatically configure a random MySQL root password that is stored under the key mysql/root_password at /etc/openproject/installer.dat. If you can still access the database with an empty password, the setup failed to set a password correctly. It appears to take input from urandom.
What you could try is running the following command while hitting enter in the MySQL password prompt:
mysqladmin -u root -p password "<Create and insert a random password here>"
And then replacing the value at mysql/root_password at /etc/openproject/installer.dat.
I have a memsql cluster with 1 master and 4 leaf node.
I have a problem my master node is not running but it is connected in the cluster. And i can read and write a data to my cluster.
while trying to restart the master node its showing some error.
2018-03-31 20:54:22: Jb2ae955f6 [ERROR] Failed to connect to MemSQL node BD60BED7C8082966F375CBF983A46A9E39FAA791: ProcessHandshakeResponsePacket() failed. Sending back 1045: Access denied for user 'root'#'xx.xx.xx.xx' (using password: NO)
ProcessHandshakeResponsePacket() failed. Sending back 1045: Access denied for user 'root'#'10.254.34.135' (using password: NO)
Cluster status
Index ID Agent Id Process State Cluster State Role Host Port Version
1 BD60BED Afb08cd NOT RUNNING CONNECTED MASTER 10.254.34.135 3306 5.8.10
2 D84101F A10aad5 RUNNING CONNECTED LEAF 10.254.42.244 3306 5.8.10
3 3D2A2AF Aa2ac03 RUNNING CONNECTED LEAF 10.254.38.76 3306 5.8.10
4 D054B1C Ab6c885 RUNNING CONNECTED LEAF 10.254.46.99 3306 5.8.10
5 F8008F7 Afb08cd RUNNING CONNECTED LEAF 10.254.34.135 3307 5.8.10
That error means that while the node is online, memsql-ops is unable to log in to the node, most likely because the root user's password is misconfigured somewhere in the system - memsql-ops is configured with no password for that node, but likely the memsql node does have a root password set.
Did you set a root password in memsql? Are you able to connect to the master node directly via mysql client?
If yes, you can fix this by logging in to the memsql master node directly and changing the root password to blank:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' identified by '' WITH GRANT OPTION
Then, after ensuring that connectivity is restored, you can update the root password in the future with the command https://docs.memsql.com/memsql-ops-cli-reference/v6.0/memsql-update-root-password/.
On the same host as master to memsql-deploy leaf node always failed with same error. Switching the operation to new machines has the same failure.
Here is the steps to deploy master role:
# memsql-ops memsql-deploy -a Af53bfb -r master -P 3306 --community-edition
2017-03-24 16:15:54: Je5725b [INFO] Deploying MemSQL to 172.17.0.3:3306
2017-03-24 16:15:59: Je5725b [INFO] Installing MemSQL
2017-03-24 16:16:02: Je5725b [INFO] Finishing MemSQL Install
Waiting for MemSQL to start...
MemSQL successfully started
Here is the immediate steps to add leaf node after deploying master:
# memsql-ops memsql-deploy -a Af53bfb -r leaf -P 3308
2017-03-24 16:16:43: J32c71f [INFO] Deploying MemSQL to 172.17.0.3:3308
2017-03-24 16:16:43: J32c71f [INFO] Installing MemSQL
2017-03-24 16:16:46: J32c71f [INFO] Finishing MemSQL Install
Waiting for MemSQL to start...
MemSQL failed to start: Failed to start MemSQL:
set_mempolicy: Operation not permitted
setting membind: Operation not permitted
What can be the possible reasons behind the error messages and what way that I can follow to find out the root cause or fix?
After one day search on Google, I believe I finally locate the root cause of this error. I feel strange why no one asked before because it should be happened more often than just me.
The real cause for this issue is I installed numactl package per MemSQL's best practice suggestion on a non-NUMA machine. This would effectively let the memsql node other than the first one try to run numactl sub-command set_mempolicy to bind individual MemSQL nodes to CPUs but this command would eventually fails. And the start of the node by sub-commands memsql-start or memsql-deploy from memsql-ops will all fail.
The workaround to this is very simple, just remove the package numactl. Then everything will be fine. This workaround particularly applies to some virtualization based memsql deployments like Docker.
Can you try on the master:
memsql-ops start
memsql-ops memsql-deploy --role master -P 3306 --community-edition
On the agent:
memsql-ops start
memsql-ops follow -h <host of primary agent> -P <port of primary agent if configured to use one>
memsql-ops memsql-deploy --role leaf -P 3308 --community-edition
Logged in to a linux redhat-6 machine using ssh -X root#machineip and then running glxgears works.
However switching to another user "su - notes" and then trying to run glx gears does not work.
** This works**
# ssh -X root#15.218.114.240
[root#iwf1114240 ~]# glxgears
XIO: fatal IO error 11 (Resource temporarily unavailable) on X server "localhost:10.0"
after 123 requests (42 known processed) with 0 events remaining.
** The below commands does not work**
[root#iwf1114240 ~]# su - notes
[notes#iwf1114240 ~]$ glxgears
X11 connection rejected because of wrong authentication.
Error: couldn't open display localhost:10.0
Copy root's .Xauthority file over to note's home directory.