Package Details: adcli 0.9.0.r6.g08bac09-1

Git Clone URL: https://aur.archlinux.org/adcli.git (read-only, click to copy)
Package Base: adcli
Description: Active Directory account management tool
Upstream URL: https://freedesktop.org/software/realmd/
Keywords: active-directory ldap
Licenses: GPL3
Submitter: grawity
Maintainer: grawity
Last Packager: grawity
Votes: 12
Popularity: 0.023090
First Submitted: 2013-08-19 16:30
Last Updated: 2020-04-15 13:19

Latest Comments

1 2 Next › Last »

Stepannych commented on 2020-04-14 20:39

I try to join AD domain but have error:

adcli join mydomain.dom -U admin -vvvv
 * Using domain name: mydomain.dom.da
 * Calculated computer account name from fqdn: PC-NO
 * Calculated domain realm from name: MYDOMAIN.DOM.DA
 * Discovering domain controllers: _ldap._tcp.mydomain.dom.da
 * Sending NetLogon ping to domain controller: pdc.mydomain.dom.da
 * Sending NetLogon ping to domain controller: sdc.mydomain.dom.da
 * Received NetLogon info from: PDC.mydomain.dom.da
 * Wrote out krb5.conf snippet to /tmp/adcli-krb5-7d9dCU/krb5.d/adcli-krb5-conf-ll4K3S
Password for admin@MYDOMAIN.DOM.DA: 
 * Authenticated as user: admin@MYDOMAIN.DOM.DA
 * Looked up short domain name: MYDOMAIN
 * Looked up domain SID: S-1-5-21-2129043xxx-1170727xxx-3678xxxx
 * Using fully qualified name: pc-no
 * Using domain name: mydomain.dom.da
 * Using computer account name: PC-NO
 * Using domain realm: mydomain.dom.da
 * Calculated computer account name from fqdn: PC-NO
 * Generated 120 character computer password
 * Using keytab: FILE:/etc/krb5.keytab
 * Found computer account for PC-NO$ at: CN=PC-NO,CN=Computers,DC=mydomain,DC=dom,DC=da
 * Sending NetLogon ping to domain controller: pdc.mydomain.dom.da
 * Received NetLogon info from: PDC.mydomain.dom.da
 * Set computer password
 * Retrieved kvno '12' for computer account in directory: CN=PC-NO,CN=Computers,DC=mydomain,DC=dom,DC=da
adcli: 'code == 0' not true at _adcli_krb5_keytab_test_salt
 ! Couldn't authenticate with keytab while discovering which salt to use: PC-NO$@MYDOMAIN.DOM.DA: Bad encryption type
 ! Couldn't add keytab entries: FILE:/etc/krb5.keytab: Bad encryption type
adcli: joining domain mydomain.dom.da failed: Couldn't add keytab entries: FILE:/etc/krb5.keytab: Bad encryption type
It was fixed in new version of this package for debian, centos redhat etc Can you please update package?

backpackjoe commented on 2017-11-15 22:47

I tried to build with a minimal system and got a warning:
Warning: failed to load external entity "http://docbook.sourceforge.net/release/xsl/current/manpages/docboot.xsl"

followed by an error being unable to parse the file. Over at "kde-workspace", i found a fix: installing kdelibs depending on the following packages:

kdelibs
attica-qt4
ilmbase
libdbusmenu-qt4
libmng
libutempter
media-player-info
openexr
phonon-qt4
phonon-qt4-gstreamer
polkit-qt4
qt4
xdg-utils

so i guess something from that list is missing as a build dependency, same goes for adcli-git.

BuZZ-dEE commented on 2017-05-22 14:34

The following command worked for me.

~> gpg --recv-keys --keyserver hkps://hkps.pool.sks-keyservers.net:443 7BFB1108D92765AF
gpg: Schlüssel 7BFB1108D92765AF: Öffentlicher Schlüssel "Stef Walter <stef@thewalter.net>" importiert
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: Tiefe: 0 gültig: 2 signiert: 1 Vertrauen: 0-, 0q, 0n, 0m, 0f, 2u
gpg: Tiefe: 1 gültig: 1 signiert: 0 Vertrauen: 0-, 0q, 0n, 0m, 1f, 0u
gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2017-08-30
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg: importiert: 1

BuZZ-dEE commented on 2017-05-22 14:31

Same problem here, but behind a firewall.

~> gpg --recv-keys --keyserver hkp://keyserver.pgp.com:80 7BFB1108D92765AF
gpg: Keine gültigen OpenPGP-Daten gefunden.
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 0

ajzimm3rman commented on 2016-11-15 18:48

" I ran "gpg --recv-keys 7BFB1108D92765AF" and that seemed to fix it."

I ran "gpg --recv-keys 7BFB1108D92765AF" and I got gpg: keyserver receive failed: No keyserver available.

jdawg commented on 2015-02-08 19:46

I was having problems because the SHA1 hash verification failed yesterday. I tried it again today and it worked!
I also ran in to an error with GPG. I determined that I did not have public key in my keyring. I ran "gpg --recv-keys 7BFB1108D92765AF" and that seemed to fix it.
Sorry for any confusion. Package works as expected. Thanks for your work in maintaining the package!

grawity commented on 2015-02-08 15:32

@jdawg: What SHA1 are you seeing? http://www.freedesktop.org/software/realmd/releases/adcli-0.7.5.tar.gz still has 4b4ec635447bd2bed8f73f52a2181242d468aab6 as far as I can see. There was no change since I've uploaded the package.

jdawg commented on 2015-02-08 06:37

According to the download page, this was last updated on 13-Sep-2013. The version number matches, but the SHA1 hash does not.

grawity commented on 2014-06-25 06:19

justin8: Could you export KRB5_TRACE=/dev/stderr, try adcli again, and email me the complete log? (Preferably both working and not-working, to see the diff.)

justin8 commented on 2014-06-25 03:52

Sorry to be annoying, but I've also noticed that this appears to work, but when authing against a domain (tested on 2k8 and 2k12 domains) it fails with this error:
adcli: couldn't connect to wotifgroup.com domain: Couldn't authenticate as: $USER@$DOMAIN: Preauthentication failed

unless SSSD is installed. It might only need to be an optdepend, I'm not sure what sort of domains it can authenticate against without it however.