Hi all,
I have downloaded the Certificate Request App from the App Store, Have not yet bought it because I wanted to test it before purchase and I’m facing. strange issue
My Mac is bound to a Domain (I have also tested without bond), I need a VPN to access the AD, the AD Assign me an internal IP and I´m able to ping the AD and validate the DNS works as per Apple suggest in their KB. Everything seems ok
When Certificate Request ask me for a login, It seems try to connect but give me a “Connection Error: Could not connect to a Active Directory Domain Controller. Please Check DNS and Network connectivity” but I get a Kerberos ticket since I can list it with klist, If I Destroy de credential check with klist and try again, I get a ticket confirming the ticket is requested by the app.
Used nmap to verify the RPC port in the server is open and is OK
PORT STATE SERVICE
53/tcp open domain
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3389/tcp open ms-wbt-server
5357/tcp open wsdapi
If I look at the error logs I got:
GSSAPI Error: Miscellaneous failure (see text (Server (krbtgt/INTERNAL.CLOUDAPP.NET@my-domain-redacted.COM) unknown)
return code is -2
message: Local error
could not bind
Following the great guides found in this site I tried to use the command line but found the command line tool is not in the app bundle.
ADCS is running and in theory properly configured in the server,
Could this be a problem related to the AppStore version or the usage of a VPN?
Any help will be really appreciated