Hello Christian,

can you try to see if the following command returns the mgmt interface?

    ip route get 10.0.1.101

Also, can you check if ip_forwarding is enabled on the packetfence server?

Regards
Fabrice

On 20-01-05 at 06:05, Christian Hillebrand via PacketFence-users wrote:
Hi,

I am new to packetfence and currently trying to set up packetfence to work as a VLAN enforcement and RADIUS authentication server. I worked through the installation documentation and everything went fine so far. However, when trying to join my AD domain I am getting the error:

    Joining <domain> domain failed. Failed to join domain: failed to find DC for domain <domain> - Undetermined error.

I first suspected that I am not getting any DNS responses from my AD DNS. However, a quick nslookup successfully returned correct DNS entries. The entries which I tested are:

    _msdcs.<domain>
    _ldap._tcp.pdc._msdcs.<domain>
    _ldap._tcp.gc._msdcs.<domain>
    _ldap._tcp.dc._msdcs.<domain>
    _kerberos._tcp.dc._msdcs.<domain>
    <domainControllerFQDN>
    <dsaGUID>._msdcs.<domain>

After some research I tried to join the domain manually by executing:

    net ads join -U Administrator

However, this also returned with an error:

    Host is not configured as a member server.
    Invalid configuration. Exiting....
    Failed to join domain: This operation is only allowed for the PDC of the domain.

So after researching a bit I checked that my server is known by my DC, which is the case. I also checked that both systems have the correct time and installed and configured ntp on my packetfence machine. However, this did not resolve any of my issues.

Here is my current setup:

Firewall/Router: pfSense (just a basic configuration to provide my VLANs)
    hostname: pfsense
    Version: 2.4.4-RELEASE-p3
    IP in Management VLAN: 10.0.1.1

NAS with DC: QNAP ts-432XU
    Hostname: nas0
    Firmware: 4.4.1.1146 build 20191206
    IP: 10.0.1.101 (VLAN 101 Management) & 10.0.0.101 (VLAN 100)
    My users are in the main Users CN, the computers are in the main "Computers" CN; I did not configure any additional OUs

packetfence: Debian 4.9.0-11-amd-64
    Hostname: nac0
    IP Management: 10.0.1.2 (in all my VLANs pfSense is assigned to the second IP)
    IP Registration: 10.0.253.2
    IP Isolation: 10.0.254.2
    ...

AD Domain settings in packetfence:
    Workgroup: <domain> (without tld)
    DNS name of this domain: <domain>
    This server's name: %h
    Active Directory server: nas0.<domain>
    DNS server(s): 10.0.1.101
    OU: Computers
    Ntlm2 only: false
    Allow on registration: false

So what am I missing? Is packetfence searching for any additional DNS entries to connect to the DC? I tried joining the domain with realmd, which worked, so I am not sure where I am doing something wrong...

Thanks!

Best regards,
Christian

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
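The two checks requested in the reply, written as an added example that is not part of the original thread: it parses `ip route get` output to confirm that traffic to the DC leaves through the management interface with the management source address, and reads the kernel's IPv4 forwarding flag. The addresses are the ones given in the post; the interface name `eth0`, the gateway 10.0.253.1 and both sample outputs are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. DC and management addresses are the ones
# in the post; the interface name eth0 is an assumption.
DC_IP=10.0.1.101
MGMT_IP=10.0.1.2
MGMT_DEV=eth0   # assumption: adjust to the real management interface

# Print the value following keyword $1 (dev, src, via) in `ip route get` output on stdin.
route_field() {
    awk -v k="$1" '{ for (i = 1; i < NF; i++) if ($i == k) { print $(i + 1); exit } }'
}

# check_route OUTPUT DEV SRC: succeed only if the route leaves through DEV with source SRC.
check_route() {
    dev=$(printf '%s\n' "$1" | route_field dev)
    src=$(printf '%s\n' "$1" | route_field src)
    if [ "$dev" = "$2" ] && [ "$src" = "$3" ]; then
        echo "OK: route uses $dev with source $src"
    else
        echo "MISMATCH: route uses dev=${dev:-none} src=${src:-none}, expected $2/$3"
        return 1
    fi
}

# forwarding_enabled [FILE]: succeed if the kernel's IPv4 forwarding flag is 1.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Constructed sample outputs (not captured from the poster's system).
SAMPLE_GOOD='10.0.1.101 dev eth0 src 10.0.1.2
    cache'
SAMPLE_BAD='10.0.1.101 via 10.0.253.1 dev eth0.253 src 10.0.253.2
    cache'

# Run against the live system only when asked: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_route "$(ip route get "$DC_IP")" "$MGMT_DEV" "$MGMT_IP"
    if forwarding_enabled; then echo "OK: ip_forward=1"; else echo "ip_forward is not 1"; fi
fi
```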