I want to join an Ubuntu Server via realmd/sssd into a MS Windows Active Directory domain.
The domain controller is a Windows Server 2022 Insider.
All packages are installed and configured as far as I know.
The DC and the domain can be resolved and "realm discover" also gives me a reasonable output.
With "realm join" I get this error message
adcli: joining domain ad.domain.com failed: Couldn't set password for computer account: Ubuntu$: Message stream modified
In the meantime, I have tried several things:
- DC windows server 2022 without insider/preview → domain join works without problems
- "realm join" with the option "--membership-software=samba" →
Password for [DOMAIN\Administrator]:gensec_gse_unwrap: GSS UnWrap failed: A token was invalid: unknown mech-code 0 for mech 1 2 840 113554 1 2 2
Failed to join domain: Failed to set machine spn: Time limit exceeded
Do you have sufficient permissions to create machine accounts?
- I get the same errors with a Debian server → was to be expected
- set up a Fedora server. with "realm join --membership-software=samba" → domain join works without problems
All systems are installed as server, core, minimal, etc (without desktop / GUI) and updated to the current time.
What else can I try, or can someone explain this behavior to me?
