Quote:
Originally Posted by kjhambrick
Could your /etc/resolv.conf file have been borked ?
Network Manager tends to make a mess of resolv.conf on our CentOS Boxen so we disable it in favor of good-ole hand-edited network config files.
-- kjh
|
Yeah, I disabled Network Manager long ago because it messed up other things besides resolv.conf.
I believe I did solve the problem. I tried restoring from a recent backup. Same problem. In fact, I neglected to mention this in my OP, but I had done a previous restore after which the problem manifested. So, for no good reason, I removed the host from the domain, then rejoined the domain (net ads join ...). That actually did the trick!
I'm wondering why. Did restoring to a previous date somehow mess up kerberos settings with respect to the AD server, or something like that which might be time/sequence related? For example I find:
Code:
/var/lib/samba/private/secrets.tdb
/var/lib/samba/private/netlogon_creds_cli.tdb
which would have been restored to a previous date.
If domain rejoining is needed, this would be good to know. I've not actually had to restore a Linux domain workstation since adding them to the AD domain, so if a rejoin needs to be done as a matter of course after a restore I'll have to document that as a mandatory procedure.