Unable to connect to SQL Server from RHEL Server 7.4 using Kerberos


What did you get from

klist -k

executed as root? If there is nothing to see, then your server is not joined to Active Directory. Otherwise you see your host entries for the Kerberos system.

Normally, RHEL 7 systems are configured with sssd as the central authentication service. Please check if sssd is installed and running:

systemctl status sssd

If not, you can try to join again with

net ads join

Otherwise, configure your sssd to join your Active Directory domain with

realm join

You can get more information about this here:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/SSSD-AD

Regards, Björn
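
The checks from the answer above, combined into one script. This is an added example, not part of the original answer; the function names, the `--live` switch, and the sample keytab listings (host name `rhel74`) are constructed for illustration, and the realm is taken from the `krb5.conf` in the question.

```bash
#!/bin/bash
# Added example: the answer's checks as a script. Sample keytab listings are constructed.

# Principals from `klist -k` output on stdin; entry lines start with a numeric KVNO.
keytab_principals() {
    awk '$1 ~ /^[0-9]+$/ && NF >= 2 { print $2 }' | sort -u
}

# Classify `klist -k` output on stdin against a realm (usage: join_state REALM):
#   not-joined  - no keytab entries at all
#   joined      - a host/... or MACHINE$ principal exists in REALM
#   other-realm - entries exist, but none for this host in REALM
join_state() {
    keytab_principals | awk -v realm="$1" '
        { n++; split($0, p, "@")
          if (toupper(p[2]) == toupper(realm) && (p[1] ~ "^host/" || p[1] ~ "[$]$")) ok = 1 }
        END { print (n == 0 ? "not-joined" : (ok ? "joined" : "other-realm")) }'
}

# Live check; run as root so /etc/krb5.keytab is readable.
check_host() {
    local realm=$1 state
    state=$(klist -k 2>/dev/null | join_state "$realm")
    echo "keytab: $state"
    if systemctl is-active --quiet sssd; then
        echo "sssd: running"
        [ "$state" = joined ] || echo "next: realm join"
    else
        echo "sssd: not running"
        [ "$state" = joined ] || echo "next: net ads join"
    fi
}

# Constructed sample listings in the format printed by MIT `klist -k`.
SAMPLE_JOINED='Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
   2 host/rhel74.ads.local.com@ADS.LOCAL.COM
   2 RHEL74$@ADS.LOCAL.COM'
SAMPLE_EMPTY='Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------'

if [ "${1:-}" = "--live" ]; then
    check_host "${2:-ADS.LOCAL.COM}"    # realm from the krb5.conf in the question
else
    printf '%s\n' "$SAMPLE_JOINED" | join_state ADS.LOCAL.COM   # joined
    printf '%s\n' "$SAMPLE_EMPTY"  | join_state ADS.LOCAL.COM   # not-joined
fi
```
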

Author: chad

Developer since birth, Coder by heart. [email protected] http://www.richardinterior.com https://www.linkedin.com/in/richardinterior/

Updated on September 18, 2022

Comments

  • chad
    chad over 1 year

    So I'm trying to connect to one of our SQL Servers from a RHEL Server 7.4 machine. I already installed Kerberos, unixODBC and Microsoft ODBC for Linux.

    The SQL Server I'm trying to connect to is inside an Active Directory domain. I was able to authenticate through that using kinit, but I'm still getting the "SSPI Provider: Server not found in Kerberos database." error.

    This is my snippet from terminal:

    [RH@localhost /]$ sudo kinit [email protected]
    [sudo] password for RH: 
    Password for [email protected]: 
    [RH@localhost /]$ sqlcmd -E -S MyServer
    Sqlcmd: Error: Microsoft ODBC Driver 13 for SQL Server : SSPI Provider: Server not found in Kerberos database.
    Sqlcmd: Error: Microsoft ODBC Driver 13 for SQL Server : Cannot generate SSPI context.
    

    This is my /etc/krb5.conf:

    [libdefaults]
     dns_lookup_realm = false
     ticket_lifetime = 24h
     forwardable = yes
     default_realm = ADS.LOCAL.COM
     default_ccache_name = KEYRING:persistent:%{uid}
     dns_lookup_kdc = true
    
    [domain_realm]
     .ads.local.com = ADS.LOCAL.COM
    

    Thanks in advance!

  • chad
    chad over 6 years
    Thanks for the answer! Do you think there would be a security flaw or issue when I join a Linux server to a Windows AD?
  • TuxOne
    TuxOne over 6 years
    No, this is common practice. If you rely on standard software from the main distributions, this will work without more security issues than on Windows systems ;-)