
Having issues with adcli on Ubuntu 18.04, which was updated recently with the ldaps option.

It can't seem to find the short name for AD, and also doesn't manage to connect to LDAP even when the CA is specified in the command and in /etc/ldap/ldap.conf.

Have also tried to configure the ldap_uri in the SSSD config with no luck there either.

me@lnx-node-1:~# LDAPTLS_CACERT=/usr/local/share/ca-certificates/domain-ca.pem adcli join -U me-admin --domain=ad.somewhere.com -v
     * Using domain name: AD.SOMEWHERE.COM
     * Calculated computer account name from fqdn: LNX-NODE-1
     * Calculated domain realm from name: AD.SOMEWHERE.COM
     * Discovering domain controllers: _ldap._tcp.AD.SOMEWHERE.COM
     * Sending netlogon pings to domain controller: ldap://[####:650:###:d314::dc1]
     * Sending netlogon pings to domain controller: cldap://####.###.160.19
     * Sending netlogon pings to domain controller: ldap://[####:630:###:d314::dc4]
     * Sending netlogon pings to domain controller: cldap://###.###.160.59
     * Sending netlogon pings to domain controller: ldap://[####:630:###:e010::dc2]
     * Received NetLogon info from: itsdc-1.ad.somewhere.com
     * Wrote out krb5.conf snippet to /tmp/adcli-krb5-H8CKiH/krb5.d/adcli-krb5-conf-vv3c80
    Password for me-admin@AD.SOMEWHERE.COM: 
     * Authenticated as user: me-admin@AD.SOMEWHERE.COM
     * Using GSS-SPNEGO for SASL bind
     * ! Couldn't lookup domain short name: Can't contact LDAP server
     * Using fully qualified name: lnx-node-1.ad.somewhere.com
     * Using domain name: AD.SOMEWHER.COM
     * Using computer account name: LNX-NODE-1
     * Using domain realm: AD.SOMEWHER.COM
     * Calculated computer account name from fqdn: LNX-NODE-1
     * Generated 120 character computer password
     * Using keytab: FILE:/etc/krb5.keytab
     ! Couldn't lookup computer account: LNX-NODE-1$: Can't contact LDAP server
    adcli: joining domain AD.SOMEWHERE.COM failed: Couldn't lookup computer account: LNX-NODE-1$: Can't contact LDAP server

UPDATE: Managed a temporary workaround by downgrading the adcli package (apt install adcli=0.8.2-1); still need a fix.

jamboNum5
  • We're seeing a similar problem. We don't have an error to go on, ours just hang. But downgrading to 0.8.2-1 does remove the issue for us too. We have no idea what the actual problem is... – Xælias Dec 04 '20 at 18:17
  • Thanks for the workaround. That was a day of wasted time. – jozwikjp Dec 07 '20 at 16:54
  • No problem, I’m hoping to get a bit more visibility of the AD logs to work this out. Not sure if it is going to help, we’ll see. – jamboNum5 Dec 07 '20 at 20:30

1 Answer


Looks like there is a reported issue here:

https://bugs.launchpad.net/ubuntu/bionic/+source/adcli/+bug/1906627

apt is no longer installing the broken version (0.8.2-1ubuntu1) of this package.

apt-cache policy adcli
adcli:
  Installed: 0.8.2-1
  Candidate: 0.8.2-1
  Version table:
 *** 0.8.2-1 500
        500 http://gb.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status
jamboNum5
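As an added check that is not part of the original question or answer: a POSIX shell snippet that reads `apt-cache policy adcli` output, flags the 0.8.2-1ubuntu1 build reported in the Launchpad bug, and emits the apt preferences stanza that holds the working 0.8.2-1 until a fixed package lands. The policy output embedded below is constructed to show a host still on the broken build.

```shell
#!/bin/sh
# Added example (not from the original post). Versions come from the thread:
# 0.8.2-1ubuntu1 is the build that breaks LDAPS joins, 0.8.2-1 is the workaround.
BROKEN_VERSION="0.8.2-1ubuntu1"
GOOD_VERSION="0.8.2-1"

# Print the "Installed:" version from apt-cache policy output read on stdin.
installed_version() {
    awk '/^ *Installed:/ { print $2; exit }'
}

# Exit status 0 when the given version is the broken build, 1 otherwise.
is_broken_adcli() {
    [ "$1" = "$BROKEN_VERSION" ]
}

# Stanza for /etc/apt/preferences.d/adcli that holds the working version
# (priority above 1000 allows the downgrade); remove it once the fix ships.
pin_stanza() {
    printf 'Package: adcli\nPin: version %s\nPin-Priority: 1001\n' "$GOOD_VERSION"
}

# Constructed sample of `apt-cache policy adcli` on a host with the broken build.
SAMPLE_POLICY='adcli:
  Installed: 0.8.2-1ubuntu1
  Candidate: 0.8.2-1ubuntu1
  Version table:
 *** 0.8.2-1ubuntu1 500
        100 /var/lib/dpkg/status
     0.8.2-1 500
        500 http://gb.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages'

# Run the check against the sample; on a live host replace the printf with
# `apt-cache policy adcli | installed_version`.
check_sample() {
    v=$(printf '%s\n' "$SAMPLE_POLICY" | installed_version)
    if is_broken_adcli "$v"; then
        echo "adcli $v is the build that breaks LDAPS joins; hold $GOOD_VERSION with:"
        pin_stanza
        return 0
    fi
    echo "adcli $v is not the broken build"
    return 1
}

check_sample
```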