{"id":122,"date":"2022-04-10T13:08:42","date_gmt":"2022-04-10T04:08:42","guid":{"rendered":"https:\/\/poca.xrea.jp\/?p=122"},"modified":"2023-04-08T11:30:08","modified_gmt":"2023-04-08T02:30:08","slug":"ubuntu-20-04-%e3%81%a7%e3%83%89%e3%83%a1%e3%82%a4%e3%83%b3%e3%82%b3%e3%83%b3%e3%83%88%e3%83%ad%e3%83%bc%e3%83%a9%e3%82%92%e5%88%a9%e7%94%a8","status":"publish","type":"post","link":"https:\/\/poca256.com\/?p=122","title":{"rendered":"ubuntu 20.04\u3067\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u3092\u5229\u7528"},"content":{"rendered":"<p>(2023\/4\/8\u52a0\u7b46\u30fb\u4fee\u6b63)<\/p>\n<p>\u6211\u304c\u5bb6\u3067\u306fNAS\u4e0a\u306e\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u3067\u5bb6\u65cf\u306e\u30ed\u30b0\u30a4\u30f3\u60c5\u5831\u3092\u4e00\u5143\u7ba1\u7406\u3057\u3066\u3044\u307e\u3059\u3002ubuntu\u74b0\u5883\u3092\u7acb\u3061\u4e0a\u3052\u308b\u969b\u306b\u307e\u305a\u4f5c\u696d\u3057\u305f\u306e\u304c\u30c9\u30e1\u30a4\u30f3\u3078\u306e\u53c2\u52a0\u3067\u3057\u305f\u3002\u7d50\u69cb\u30cf\u30de\u3063\u305f\u306e\u3067\u8a18\u9332\u306b\u6b8b\u3057\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n<h3>\u30c9\u30e1\u30a4\u30f3\u3078\u306e\u53c2\u52a0<\/h3>\n<p><a href=\"https:\/\/www.server-world.info\/query?os=Ubuntu_20.04&amp;p=realmd\">https:\/\/www.server-world.info\/query?os=Ubuntu_20.04&amp;p=realmd<\/a><\/p>\n<blockquote><p>$sudo apt\u00a0-y install realmd sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin oddjob oddjob-mkhomedir packagekit<\/p>\n<p>$sudo realm join \u30c9\u30e1\u30a4\u30f3\u540d<\/p><\/blockquote>\n<p>\u53c2\u8003\u306b\u3055\u305b\u3066\u3044\u305f\u3060\u3044\u305f\u624b\u9806\u306e\u4e2d\u3067\u306f\u3001DNS\u30b5\u30fc\u30d0\u30fc\u3092\u8a2d\u5b9a\u3059\u308b\u624b\u9806\u304c\u3042\u3063\u305f\u3067\u3059\u304c\u3059\u3063\u98db\u3070\u3057\u3066\u3057\u307e\u3044\u307e\u3057\u305f\u3002\u6211\u304c\u5bb6\u3067\u306fDNS\u30b5\u30fc\u30d0\u30fc\u306fONU\u30eb\u30fc\u30bf\u30fc\u306b\u4e00\u4efb\u3057\u3001\u5185\u90e8\u30c9\u30e1\u30a4\u30f3\u306e\u5834\u5408\u306e\u307f\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u3092\u6307\u3059\u4ed5\u69d8\u306b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u304c\u307e\u305a\u306f\u3001\u30c9\u30e1\u30a4\u30f3\u53c2\u52a0\u3067\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002<\/p>\n<blockquote><p>\n * Sending NetLogon ping to domain controller: 192.168.xx.xx<br \/>\n * Received NetLogon info from: xxxx.xxxx.home<br \/>\n:<br \/>\n* Using GSS-SPNEGO for SASL bind<br \/>\n ! Couldn&#8217;t authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)<br \/>\nadcli: couldn&#8217;t connect to xxxxx.home domain: Couldn&#8217;t authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)<br \/>\n ! Insufficient permissions to join the domain<br \/>\nrealm: \u30ec\u30eb\u30e0\u306b\u53c2\u52a0\u3067\u304d\u307e\u305b\u3093\u3067\u3057\u305f: Insufficient permissions to join the domain<\/p><\/blockquote>\n<p>\u4ee5\u4e0b\u306e\u30b5\u30a4\u30c8\u306b\u3088\u308b\u3068\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u3068\u3057\u3066\u8a8d\u8b58\u3055\u308c\u3066\u3044\u308bPC\u306e\u30db\u30b9\u30c8\u540d\u3068\u3001\u305d\u306ePC\u3092IP\u30a2\u30c9\u30ec\u30b9\u3067\u9006\u5f15\u304d\u3057\u305f\u969b\u306e\u30db\u30b9\u30c8\u540d\u304c\u4e00\u81f4\u3057\u306a\u3044\u3068\u554f\u984c\u304c\u8d77\u304d\u308b\u3088\u3046\u3067\u3059\u3002\u4e0a\u8a18\u30a8\u30e9\u30fc\u30ed\u30b0\u306b\u3066\u3001\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306eIP\u30a2\u30c9\u30ec\u30b9\u3068\u30db\u30b9\u30c8\u540d\u304c\u8868\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u304c\u3001IP\u30a2\u30c9\u30ec\u30b9\u3067\u9006\u5f15\u304d\u3059\u308b\u3068\u30eb\u30fc\u30bf\u30fc\u304c\u914d\u5e03\u3057\u3066\u3044\u308b\u4eee\u30db\u30b9\u30c8\u540d\u304c\u5fdc\u7b54\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002<\/p>\n<div class=\"oceanwp-oembed-wrap clr\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"V1bINfuLdW\"><p><a href=\"https:\/\/locallost.net\/?p=1705\">\u00ab\u00a0realm join\u00a0\u00bb returns with error \u00ab\u00a0Server not found in Kerberos database\u00a0\u00bb<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"\u00ab\u00a0\u00ab\u00a0realm join\u00a0\u00bb returns with error \u00ab\u00a0Server not found in Kerberos database\u00a0\u00bb\u00a0\u00bb &#8212; LocalLost\" src=\"https:\/\/locallost.net\/?p=1705&#038;embed=true#?secret=wgfqIUJf3E#?secret=V1bINfuLdW\" data-secret=\"V1bINfuLdW\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/div>\n<p>\u5bfe\u7b56\u3068\u3057\u3066\u306f\uff12\u3064\u3042\u308b\u3088\u3046\u3067\u3059\u3002<\/p>\n<ol>\n<li>set a correct DNS reverse PTR that points back to the DNS name of the AD controller<\/li>\n<li>add the option rnds = false in the [libdefaults] setion in `\/etc\/krb5.conf`<\/li>\n<\/ol>\n<p>\u5bfe\u7b561)\/etc\/hosts\u30d5\u30a1\u30a4\u30eb\u306b\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306e\u30db\u30b9\u30c8\u60c5\u5831\u3092\u8ffd\u52a0\u3059\u308b<\/p>\n<p>\uff0a\u5bfe\u7b562\u304cUbuntu22.04\u3067\u306f\u3046\u307e\u304f\u3044\u304b\u306a\u304b\u3063\u305f\u306e\u3067\u3001\u3053\u3061\u3089\u306e\u5bfe\u7b56\u3092\u53d6\u308a\u307e\u3057\u305f\u3002<\/p>\n<blockquote><p>\n$sudo vi \/etc\/hosts<br \/>\n&lt;\u8ffd\u52a0&gt;<br \/>\n192.168.xxx.xxx    (\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u306eFQDN\uff09(\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u306e\u30db\u30b9\u30c8\u540d\uff09\n<\/p><\/blockquote>\n<p>\u5bfe\u7b562)krb5\u51e6\u7406\u306b\u304a\u3051\u308b\u9006\u5f15\u304d\u51e6\u7406\u3092\u7121\u52b9\u306b\u3059\u308b<\/p>\n<p>\uff0a\u3053\u3061\u3089\u306e\u5bfe\u7b56\u306fUbuntu22.04\u3067\u306f\u3046\u307e\u304f\u884c\u304d\u307e\u305b\u3093\u3067\u3057\u305f<\/p>\n<blockquote><p>\n$sudo apt-get install krb5-user<br \/>\n$sudo vi \/etc\/krb5.conf<br \/>\n&lt;\u8ffd\u52a0&gt;<br \/>\n[libdefaults]<br \/>\nrnds = false<\/p><\/blockquote>\n<p>DNS\u306e\u9006\u5f15\u304d\u304c\u6b63\u5e38\u304c\u3046\u307e\u304f\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308b\u3068\u3001join\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3057\u305f\u3002<\/p>\n<h3>\u6b63\u5e38\u306b\u53c2\u52a0\u3067\u304d\u305f\u306e\u3092\u78ba\u304b\u3081\u308b<\/h3>\n<blockquote><p>$id \u30e6\u30fc\u30b6\u30fc\u540d@\u30c9\u30e1\u30a4\u30f3\u540d<\/p><\/blockquote>\n<h3>\u30ed\u30b0\u30a4\u30f3\u6642\u306b\u30db\u30fc\u30e0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u4f5c\u6210\u3059\u308b\u3002<\/h3>\n<blockquote><p>$sudo vi \/etc\/pam.d\/common-session<br \/>\n# \u6700\u7d42\u884c\u306b\u8ffd\u8a18 (\u30ed\u30b0\u30a4\u30f3\u6642\u306b\u30db\u30fc\u30e0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u81ea\u52d5\u4f5c\u6210)<br \/>\nsession optional pam_mkhomedir.so skel=\/etc\/skel umask=077<\/p><\/blockquote>\n<h3>\u5b9f\u969b\u306b\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u308b\u304b\u30c6\u30b9\u30c8<\/h3>\n<blockquote><p>$su &#8211; \u30e6\u30fc\u30b6\u30fc\u540d@\u30c9\u30e1\u30a4\u30f3\u540d<br \/>\n:<br \/>\nSystem error<\/p><\/blockquote>\n<p>\u306a\u3093\u3067\u3084\u306d\u3093\u3002\u30c9\u30e1\u30a4\u30f3\u53c2\u52a0\u3067\u304d\u3066\u3044\u308b\u306e\u306b\u30fb\u30fb\u30fb<\/p>\n<p>\u3044\u308d\u3044\u308d\u8abf\u3079\u305f\u56de\u907f\u7b56\u306f<\/p>\n<p><a href=\"https:\/\/serverfault.com\/questions\/872542\/debugging-sssd-login-pam-sss-system-error\">https:\/\/serverfault.com\/questions\/872542\/debugging-sssd-login-pam-sss-system-error<\/a><\/p>\n<blockquote><p>$sudo vi \/etc\/sssd\/sssd.conf<br \/>\n&lt;\u4ee5\u4e0b\u3092\u8ffd\u52a0&gt;<br \/>\nad_gpo_ignore_unreadable = True<br \/>\nad_gpo_access_control = permissive<\/p><\/blockquote>\n<p>\u666e\u901a\u306e\u74b0\u5883\u3067\u306fActive Directroy\u30b5\u30fc\u30d0\u30fc\u3092DNS\u3068\u3057\u3066\u5229\u7528\u3059\u308b\u306f\u305a\u306a\u306e\u3067\u554f\u984c\u304c\u8d77\u304d\u306a\u3044\u306e\u3067\u3057\u3087\u3046\u3002\u305f\u3076\u3093\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>(2023\/4\/8\u52a0\u7b46\u30fb\u4fee\u6b63) \u6211\u304c\u5bb6\u3067\u306fNAS\u4e0a\u306e\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u3067\u5bb6\u65cf\u306e\u30ed\u30b0\u30a4\u30f3\u60c5\u5831\u3092\u4e00\u5143\u7ba1\u7406\u3057\u3066\u3044\u307e\u3059\u3002ubuntu\u74b0\u5883\u3092\u7acb\u3061\u4e0a\u3052\u308b\u969b\u306b\u307e\u305a\u4f5c\u696d\u3057\u305f\u306e\u304c\u30c9\u30e1\u30a4\u30f3\u3078\u306e\u53c2\u52a0\u3067\u3057\u305f\u3002\u7d50\u69cb\u30cf\u30de\u3063\u305f\u306e\u3067\u8a18\u9332\u306b\u6b8b\u3057\u3066\u304a\u304d [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"0","ocean_second_sidebar":"0","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"0","ocean_custom_header_template":"0","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"0","ocean_menu_typo_font_family":"0","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"0","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"off","ocean_gallery_id":[],"footnotes":""},"categories":[5],"tags":[],"class_list":["post-122","post","type-post","status-publish","format-standard","hentry","category-linux","entry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/poca256.com\/index.php?rest_route=\/wp\/v2\/posts\/122","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/poca256.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/poca256.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/poca256.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/poca256.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=122"}],"version-history":[{"count":11,"href":"https:\/\/poca256.com\/index.php?rest_route=\/wp\/v2\/posts\/122\/revisions"}],"predecessor-version":[{"id":337,"href":"https:\/\/poca256.com\/index.php?rest_route=\/wp\/v2\/posts\/122\/revisions\/337"}],"wp:attachment":[{"href":"https:\/\/poca256.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=122"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/poca256.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=122"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/poca256.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=122"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}