Let's try that:
ip netns exec MYDOMAIN ping 172.16.7.10
ip netns exec MYDOMAIN nslookup www.google.de
What is the result ?
Le 2017-08-23 à 10:55, Akala Kehinde a écrit :
> Hello Fabrice,
>
> Was thinkig, could it be a problem with the winbindd itself.
>
> Regards,
> Kehinde
>
> On Wed, Aug 23, 2017 at 3:02 PM, Akala Kehinde <kehindeak...@gmail.com
> <mailto:kehindeak...@gmail.com>> wrote:
>
> Hallo Fabrice,
>
> [root@pfence sysctl.d]# cat 99-ip_forward.conf
> # ip forwarding enabled by packetfence
> net.ipv4.ip_forward = 1
>
> Checked timing already on both servers, it"s d same.
>
> Regards,
> Kehinde
>
> On Wed, Aug 23, 2017 at 2:32 PM, Fabrice Durand via
> PacketFence-users <packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net>> wrote:
>
> Hello Akala,
>
> does ip_forward is enable ?
>
> does the time of the packetfence server is the same as the AD
> server ?
>
> Regards
>
> Fabrice
>
>
>
> Le 2017-08-23 à 02:38, Akala Kehinde a écrit :
>> Hello Fabrice,
>>
>> Kindly see below:
>>
>> [root@pfence pf]# chroot /chroots/MYDOMAIN wbinfo -u
>> could not obtain winbind interface details:
>> WBC_ERR_WINBIND_NOT_AVAILABLE
>> could not obtain winbind domain name!
>> Error looking up domain users
>> [root@pfence pf]# chroot /chroots/MYDOMAIN wbinfo -g
>> could not obtain winbind interface details:
>> WBC_ERR_WINBIND_NOT_AVAILABLE
>> could not obtain winbind domain name!
>> failed to call wbcListGroups: WBC_ERR_WINBIND_NOT_AVAILABLE
>> Error looking up domain groups
>> [root@pfence pf]# chroot /chroots/MYDOMAIN wbinfo -t
>> could not obtain winbind interface details:
>> WBC_ERR_WINBIND_NOT_AVAILABLE
>> could not obtain winbind domain name!
>> checking the trust secret for domain (null) via RPC calls failed
>> failed to call wbcCheckTrustCredentials:
>> WBC_ERR_WINBIND_NOT_AVAILABLE
>> Could not check secret
>> [root@pfence pf]#
>> [root@pfence pf]# chroot /chroots/MYDOMAIN wbinfo -P
>> could not obtain winbind interface details:
>> WBC_ERR_WINBIND_NOT_AVAILABLE
>> could not obtain winbind domain name!
>> checking the NETLOGON for domain[] dc connection to "" failed
>> failed to call wbcPingDc: WBC_ERR_WINBIND_NOT_AVAILABLE
>> [root@pfence pf]# chroot /chroots/MYDOMAIN wbinfo -p
>> Ping to winbindd failed
>> could not ping winbindd!
>> [root@pfence pf]#
>>
>>
>> Tested with TESTMAWOH.DE <http://TESTMAWOH.DE> but still
>> cannot join..
>> It's driving me nuts:)
>>
>> Regards,
>> Kehinde
>>
>> On Wed, Aug 23, 2017 at 4:44 AM, Durand fabrice via
>> PacketFence-users <packetfence-users@lists.sourceforge.net
>> <mailto:packetfence-users@lists.sourceforge.net>> wrote:
>>
>> Hello Akala,
>>
>> what happen if you do that:
>>
>> chroot /chroots/MYDOMAIN
>>
>> wbinfo -u
>>
>> wbinfo -g
>>
>> if there is no usernames or groups displayed then try :
>>
>> dns_name=TESTMAWOH.DE <http://TESTMAWOH.DE>
>>
>> and rejoin
>>
>> Regards
>> Fabrice
>>
>>
>> Le 2017-08-22 à 22:21, Akala Kehinde via
>> PacketFence-users a écrit :
>>>
>>> Hello guys,
>>>
>>> I get this error when trying to join PF to an Active
>>> Directory Server:
>>>
>>> [root@pfence pf]# tail -f
>>> /chroots/MYDOMAIN/var/log/sambaMYDOMAIN/log.winbindd
>>> [2017/08/23 02:20:34.196193, 0]
>>> ../source3/winbindd/winbindd_util.c:869(init_domain_list)
>>> Could not fetch our SID - did we join?
>>> [2017/08/23 02:20:34.196275, 0]
>>> ../source3/winbindd/winbindd.c:1408(winbindd_register_handlers)
>>> unable to initialize domain list
>>> [2017/08/23 02:20:34.324267, 0]
>>>
>>> ../source3/winbindd/winbindd_cache.c:3245(initialize_winbindd_cache)
>>> initialize_winbindd_cache: clearing cache and
>>> re-creating with version number 2
>>> [2017/08/23 02:20:34.333731, 0]
>>> ../source3/winbindd/winbindd_util.c:869(init_domain_list)
>>> Could not fetch our SID - did we join?
>>>
>>> [root@pfence pf]#
>>>
>>> Below is my domain.conf file:
>>>
>>> [MYDOMAIN]
>>>
>>> ntlm_cache_filter=(&(samAccountName=*)(!(|(lockoutTime=>0)(userAccountControl:1.2.840.113556.1.4.803:=2))))
>>> ntlm_cache=disabled
>>> registration=0
>>> ntlm_cache_expiry=3600
>>> dns_name=egelsbach.testmawoh.de
>>> <http://egelsbach.testmawoh.de>
>>> dns_servers=172.16.7.10
>>> ou=Computers
>>> ntlm_cache_on_connection=disabled
>>> workgroup=TESTMAWOH
>>> ntlm_cache_batch_one_at_a_time=disabled
>>> sticky_dc=*
>>> ad_server=winserver.egelsbach.testmawoh.de
>>> <http://winserver.egelsbach.testmawoh.de>
>>> ntlm_cache_batch=disabled
>>> server_name=pfence
>>> bind_pass=
>>> bind_dn=
>>>
>>> [root@pfence pf]# ps -efd | grep winbindd
>>> root 20052 1 7 04:15 ? 00:00:14
>>> winbindd-wrapper
>>> root 21912 20052 1 04:18 ? 00:00:00 sudo
>>> chroot /chroots/MYDOMAIN /usr/sbin/winbindd -s
>>> /etc/samba/MYDOMAIN.conf -l /var/log/sambaMYDOMAIN
>>> --foreground
>>> root 21913 21912 0 04:18 ? 00:00:00
>>> /usr/sbin/winbindd -s /etc/samba/MYDOMAIN.conf -l
>>> /var/log/sambaMYDOMAIN --foreground
>>> root 21915 4173 0 04:18 ttyS0 00:00:00 grep
>>> --color=auto winbindd
>>>
>>> [root@pfence pf]# /usr/local/pf/bin/pfcmd service
>>> winbindd status
>>> service|shouldBeStarted|pid
>>> winbindd|1|20052
>>> [root@pfence pf]#
>>>
>>> There is reachability between PF, the AD and DNS servers
>>> and all can resolve DNS queries.
>>>
>>> I have tried everything but just refuses to
>>> bind..Whatelse could be wrong pls?
>>>
>>>
>>> Regards,
>>> Kehinde
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>
>>>
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> <mailto:PacketFence-users@lists.sourceforge.net>
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the
>> world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> <mailto:PacketFence-users@lists.sourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>>
>>
>
> --
> Fabrice Durand
> fdur...@inverse.ca <mailto:fdur...@inverse.ca> :: +1.514.447.4918
> <tel:%28514%29%20447-4918> (x135) :: www.inverse.ca <http://www.inverse.ca>
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and
> PacketFence (http://packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> <mailto:PacketFence-users@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>
>
>
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users