Re: Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Thank you all for your assistance. The issue has finally been resolved. It turns out I was running BIND in a chroot jail, and the /var/tmp folder was missing within the chroot environment. This was the cause of the AD update denials. On Tue, Aug 20, 2024 at 3:27 PM Petr Špaček wrote: > Hi Nagesh

Re: Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Hi Nagesh, it's unclear what exactly is the log about. Is that first start of the server? (I guess so.) Or the client's attempt? You have mentioned that you have two systems, one working and other one failing. I suggest you gather logs from both and compare them line by line to find the diff

Re: Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Hi, We have checked all the files related to krb and keytab, all files and their permissions are good. But still updates are getting denied. I am attaching the Krb5 Trace output also, please check and let me know. tkey-gssapi-credential option also specified in the named.conf, but still updated are

Re: Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Hello, my first bet is missing tkey-gssapi-credential configuration statement [1], followed by: - or incorrect content of keytab, - some file permission problem related to /etc/krb5.keytab, or /var/tmp, or /tmp, - It's Red Hat so a SELinux denial might be a problem as well. KRB5_TRACE enviro

Re: Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Your logs show error messages about missing Kerberos credentials files. Did you notice and investigate those errors, and compare the state with your CentOS 7 system? On 08/08/2024 14:23, Nagesh Thati wrote: Hello Guys, Any help is much appreciated. Thanks Nagesh -- Visit https://lists.isc.or

Re: Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Hello Guys, Any help is much appreciated. Thanks Nagesh On Tue, Aug 6, 2024 at 7:11 PM Nagesh Thati wrote: > Hello BIND Users, > > *Issue Description:* > I'm experiencing an issue with secure Active Directory (AD) updates on an > AlmaLinux 9 system using ISC BIND. Despite following the necessary

Secure Active Directory Updates Failing on AlmaLinux 9 with ISC BIND 9.18.28

Hello BIND Users, *Issue Description:* I'm experiencing an issue with secure Active Directory (AD) updates on an AlmaLinux 9 system using ISC BIND. Despite following the necessary configurations, I'm receiving error messages indicating that the requests from the AD server are not signed and encoun