Hi,
I try to join a domain via the web interface for the purpose of configuring
radius later on.
However, already the test join fails.
I set net.ipv4.ip_forward = 1.
My domain controller is running samba 4.2.10-Debian.
I have tried to join manually using:
net ads join -S mypdc.mydomain.org -U administrator --configfile
/etc/samba/mydomain.conf
This succeeds. Output:
Using short domain name -- MYDOMAIN
Joined 'PF' to dns domain mydomain.org
DNS Update for pf.mydomain.org failed: ERROR_DNS_UPDATE_FAILED DNS update
failed: NT_STATUS_UNSUCCESSFUL
Afterwards, I run
perl /usr/local/pf/addons/AD/migrate.pl
This gives however many errors:
can't parse /usr/local/pf/conf/domain.conf : Line 1 in file
/usr/local/pf/conf/domain.conf is mal-formed:
[this, Line 2 in file /usr/local/pf/conf/domain.conf is mal-formed:
DOMAIN], 3: parameter found outside a section Can't parse
/usr/local/pf/conf/domain.conf : Line 1 in file
/usr/local/pf/conf/domain.conf is mal-formed:
[this, Line 2 in file /usr/local/pf/conf/domain.conf is mal-formed:
DOMAIN], 3: parameter found outside a section
And a whole bunch of additional errors.
(I symlinked smb.conf to domain.conf, which was previously generated)
The web interface says " External configuration detected." And tells me to
run the script.
Which I already did.
Dejoining the domain manually does not help.
Packet fence still thinks the machine is joined.
The only resort seems to be a full reinstall.
Further things I noticed:
- if I start with a clean install of pf and I do not create vlans (apart
from the registration and isolation vlan), at least the test join seems to
work.
However, if I try:
chroot /chroots/domain
wbinfo -u
ntlm_auth --username=administrator
both fail
- if I add vlans for my normal network setup, winbind coredumps.
- by the way: is it necessary for pf to add all the vlans? Or just the
registration and isolation vlans? I want to use pf mainly for putting
wireless users in the correct vlan.
- /etc/krb5.conf has a line
admin_server = mypdc.mydomain.org :749
However, my domain controller running 4.2.10-Debian does have an open tcp
port 749 according to netstat.
Please help,
Best,
JG
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
