Join AD domain after installing sssd without reboot

The problem

In my team’s experience, we have a known issue where we had to reboot after installing the domain-joining packages (sssd and realmd primarily) before we could actually join the domain.

If, you install the rpms and then without a reboot try to join the domain with realm, you get a failure.

# /usr/sbin/realm join --computer-ou="OU=Linux,OU=Resources" --user="linuxdomainjoin" "ad.example.com" timeout=30
realm: Couldn't connect to realm service: Error calling StartServiceByName for org.freedesktop.realmd: Timeout was reached

You can examine the journalctl output for a little more detail.

Jan 14 09:15:44 host73.ad.example.com realmd[75184]: couldn't claim service name on DBus bus: org.freedesktop.realmd
Jan 14 09:15:44 host73.ad.example.com realmd[75184]: couldn't claim service name on DBus bus: org.freedesktop.realmd
Jan 14 09:16:09 host73.ad.example.com dbus[3222]: [system] Failed to activate service 'org.freedesktop.realmd': timed out

Jan 14 09:19:13 host73.ad.example.com realmd[75942]: Loaded settings from: /usr/lib64/realmd/realmd-defaults.conf /usr/lib64/realmd/realmd-distro.conf
Jan 14 09:19:13 host73.ad.example.com realmd[75942]: holding daemon: startup
Jan 14 09:19:13 host73.ad.example.com realmd[75942]: starting service
Jan 14 09:19:13 host73.ad.example.com realmd[75942]: connected to bus
Jan 14 09:19:13 host73.ad.example.com realmd[75942]: released daemon: startup
Jan 14 09:19:13 host73.ad.example.com realmd[75942]: couldn't claim service name on DBus bus: org.freedesktop.realmd
Jan 14 09:19:13 host73.ad.example.com realmd[75942]: couldn't claim service name on DBus bus: org.freedesktop.realmd
Jan 14 09:20:01 host73.ad.example.com CROND[76060]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Jan 14 09:20:43 host73.ad.example.com systemd[1]: realmd.service start operation timed out. Terminating.
Jan 14 09:20:43 host73.ad.example.com realmd[75942]: stopping service
Jan 14 09:20:43 host73.ad.example.com systemd[1]: Failed to start Realm and Domain Configuration.
Jan 14 09:20:43 host73.ad.example.com systemd[1]: Unit realmd.service entered failed state.
Jan 14 09:20:43 host73.ad.example.com systemd[1]: realmd.service failed.

The solution

Just restart dbus!

sudo systemctl restart dbus

WARNING! Because I haven’t done a lot of reading on the dbus topic, I cannot say that this is a safe procedure if you have existing workloads. My environment was a new build, so possibly blipping services was not a problem there.

Advertisements

2 thoughts on “Join AD domain after installing sssd without reboot

  1. This helped GREATLY with doing automated deployments with Ansible. I was having to write a play to reboot the server, wait for it to come back up, and then continue. Thank you for this gem!

    • I would like to point out that since writing this article, I have removed the restart dbus logic from my own playbooks. Restarting dbus causes other havoc and I found it best just to do the reboot if the dbus service for sssd didn’t start or whatever. Actually, I’ve now reverted to “net ads join” instead of using realm at all. I needed net ads because it can skip the dynamic dns updates which was important for my environment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.