Ahah Jake you are awesome! My personal BTW, - Thanks to Jake for being awesome with the community !! - Thanks to Julien (Inverse guy too) for helping me figuring it quickly :)
Cheers! dw. — Derek Wuelfrath dwuelfr...@inverse.ca :: www.inverse.ca +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) > On Aug 20, 2015, at 14:25, Sallee, Jake <jake.sal...@umhb.edu> wrote: > > BTW! > > This would have been impossible without the amazing Derek from Inverse. > > If you do not have a contract with Inverse I do not know what you are doing > with your life. > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > ________________________________________ > From: Sallee, Jake [jake.sal...@umhb.edu] > Sent: Thursday, August 20, 2015 1:23 PM > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Error in GUI domain config [SOLVED] > > Hello all: > > Im posting this to the list for posterity. > > My issue was a little weird. > > I had disabled iptables on the server (I have an external FW inline with the > server, dont panic) and this was what was causing the domain join to fail. > > The new domain joining process makes use of chroot jails and iptables to > manipulate the traffic, it does this in ways that seem like black magic to me > but in time I'm sure I will understand it. > > Suffice it to say however, the domain joining process in the GUI will NOT > work without iptables being managed by PF. > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > ________________________________ > From: Fletcher Haynes [fhay...@willamette.edu] > Sent: Thursday, August 20, 2015 11:50 AM > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Error in GUI domain config > > Hrm, just out of curiosity, does your DNS have the appropriate records for AD? > > Also, have you checked the event log on the domain controllers? In the past, > I've also used wireshark on the DCs to debug connectivity issues. Those are > my primary ways of checking to see if the server is even trying to join AD. > > On Thu, Aug 20, 2015 at 9:34 AM, Sallee, Jake > <jake.sal...@umhb.edu<mailto:jake.sal...@umhb.edu>> wrote: > So, a configreload hard and blanking out my domain.conf file seemed to help. > > I can get to the domain GUI now ... so I've got that going for me ... which > is nice. > > I still cant get the server to join the AD though. > > here is the log: > > [2015/08/20 11:25:21, 0] winbindd/winbindd.c:1382(main) > winbindd version 3.6.23-14.el6_6 started. > Copyright Andrew Tridgell and the Samba Team 1992-2011 > [2015/08/20 11:25:21.669918, 0] > winbindd/winbindd_cache.c:3203(initialize_winbindd_cache) > initialize_winbindd_cache: clearing cache and re-creating with version > number 2 > [2015/08/20 11:25:21.672218, 0] > winbindd/winbindd_util.c:630(init_domain_list) > Could not fetch our SID - did we join? > [2015/08/20 11:25:21.672305, 0] > winbindd/winbindd.c:1142(winbindd_register_handlers) > unable to initialize domain list > > Not too helpful AFAICT. > > when I do a net ads info I get: > > ads_connect: No logon servers > ads_connect: No logon servers > Didn't find the ldap server! > > But I have made sure the servers are active, running, and accessible by my PF > server. > > Ideas? Deep theological insights? > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU<http://WWW.UMHB.EDU> > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658<tel:254-295-4658> > Phax: 254-295-4221<tel:254-295-4221> > > ________________________________________ > From: Sallee, Jake [jake.sal...@umhb.edu<mailto:jake.sal...@umhb.edu>] > Sent: Thursday, August 20, 2015 10:50 AM > To: > packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> > Subject: [PacketFence-users] Error in GUI domain config > > Hello all! > > Im trying to join my server to my AD domain, however it gave me an error > about not finding my info over rpc. > > However now when I go to the domain config section of the admin GUI i get the > red "An error occurred" dialogue. > > Can someone please post a working (and sanitized) copy of their domain.conf > so I can get this back up and running, my students are getting antsy : ) > > Also, I have already restarted the PF services to see if I could get back to > the GUI domains config, but no luck. Any ideas on how I can get that part of > the admin interface working again are welcome. > > Another weird thing is that I noticed winbindd no longer shows up in the list > of restart-able services in the web admin GUI, no idea if that is related. > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU<http://WWW.UMHB.EDU> > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658<tel:254-295-4658> > Phax: 254-295-4221<tel:254-295-4221> > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > -- > Fletcher Haynes <fhay...@willamette.edu<mailto:fhay...@willamette.edu>> > Systems Administrator/Network Services Consultant > Willamette Integrated Technology Services > Willamette University, Salem, OR > Phone: 503.370.6016<tel:503.370.6016> > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
