Another avenue that you may want to look into is checking that the Active Directory domain controller has a real, routable IPv6 address and that you have disabled transition technologies (ISATAP, 6to4, Toredo, etc.) There are lots of headaches that can occur when AD thinks it is on a working IPv6 network and it really isn't.
-Ross -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of sowmya Sent: Thursday, February 27, 2014 4:10 PM To: [email protected] Subject: Re: Random failure while communicating with KDC Russ, Thanks much for your quick response. I am trying to do a "net ads join " to an Active Directory server on a Windows 2008 R2 server. I have been able to join the same Active Directory server with the same administrator account and password but to its IPv4 address. This problem only occurs if communication is to the Active Directory server's IPv6 address. I have set up all the reverse dns and service records. I am able to do a dig srv "_ldap._tcp.<domainname>" as well as all other _kerberos, _gc etc. records. But I kept getting "Cannot contact any KDC for requested realm" and started digging into the problem a bit. I turned on all the dprint messages in krb5 library and found the error. What can I do to get around this problem? I am at a loss now as to whether the problem is on the Windows server side or the client. Please let me know. Thanks again for your response, Sowmya. -- View this message in context: http://kerberos.996246.n3.nabble.com/Random-failure-while-communicating-with-KDC-tp39717p39736.html Sent from the Kerberos - General mailing list archive at Nabble.com. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
