> On 8 Oct 2018, at 16:16, Spike White <spikewhit...@gmail.com> wrote: > > All, > > I had a VM down for a great number of days. Apparently, it was not 30 days. > Because even though it initially didn't correct do AD authentication, I fixed > one misconfiguration in /etc/krb5.conf, restarted SSSD and it did. > > But that raises a bigger question. If it's been >30 days and my machine > account is no longer valid, how do I rejoin the domain? > > Is it: > realm leave (no flags) > readlm join (with all my usual flags that I use on the initial realm join) >
Wouldn’t it be safer to just use adcli update? Looking at the man page, it appears you can also kinit as another user (since your machine credentials are probably gone now) and point adcli there with —login-ccache I don’t know realmd into too many details, but I wonder if realm leave && realm join would rewrite any config changes you do. _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org