Hi,
I try to join a domain via the web interface for the purpose of configuring
radius later on.
However, already the test join fails.
I set net.ipv4.ip_forward = 1.
My domain controller is running samba 4.2.10-Debian.
I have tried to join manually using:
net ads join -S mypdc.mydomain.org -U administrator --configfile
/etc/samba/mydomain.conf
This succeeds. Output:
Using short domain name -- MYDOMAIN
Joined 'PF' to dns domain mydomain.org
DNS Update for pf.mydomain.org failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL
Afterwards, I run
perl /usr/local/pf/addons/AD/migrate.pl
This gives however many errors:
can't parse /usr/local/pf/conf/domain.conf : Line 1 in file
/usr/local/pf/conf/domain.conf is mal-formed:
[this, Line 2 in file /usr/local/pf/conf/domain.conf is mal-formed:
DOMAIN], 3: parameter found outside a section
Can't parse /usr/local/pf/conf/domain.conf : Line 1 in file
/usr/local/pf/conf/domain.conf is mal-formed:
[this, Line 2 in file /usr/local/pf/conf/domain.conf is mal-formed:
DOMAIN], 3: parameter found outside a section
And a whole bunch of additional errors.
(I symlinked smb.conf to domain.conf, which was previously generated)
The web interface says " External configuration detected." And tells me to
run the script.
Which I already did.
Dejoining the domain manually does not help.
Packet fence still thinks the machine is joined.
The only resort seems to be a full reinstall.
Further things I noticed:
- if I start with a clean install of pf and I do not create vlans (apart
from the registration and isolation vlan), at least the test join seems to
work.
However, if I try:
chroot /chroots/domain
wbinfo -u
ntlm_auth --username=administrator
both fail
- if I add vlans for my normal network setup, winbind coredumps.
- by the way: is it necessary for pf to add all the vlans? Or just the
registration and isolation vlans? I want to use pf mainly for putting
wireless users in the correct vlan.
- /etc/krb5.conf has a line
admin_server = mypdc.mydomain.org :749
However, my domain controller running 4.2.10-Debian does have an open tcp
port 749 according to netstat.
Please help,
Best,
JG
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
