Iptables looks to be ok. But are you sure about workgroup=domain.Local ?
Also put dns_name and workgroup in uppercase . Le mar. 23 août 2022 à 15:09, Nate Breeden <nbree...@criswellauto.com> a écrit : > [DOMAINNAME] > > dns_name= DOMAINNAME.Local > > dns_servers=10.0.1.15 > > server_name=%h > > ou=Domain Computers > > ad_server=mydc1 > > workgroup=domain.Local > > status=enabled > > sticky_dc=mydc1 > > ntlm_cache_expiry=3600 > > # Copyright (C) Inverse inc. > > > > > > > > > > Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes) > > pkts bytes target prot opt in out source > destination > > > > Chain INPUT (policy ACCEPT 0 packets, 0 bytes) > > pkts bytes target prot opt in out source > destination > > > > Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes) > > pkts bytes target prot opt in out source > destination > > > > Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes) > > pkts bytes target prot opt in out source > destination > > 2 201 SNAT all -- * eth0 169.254.0.0/16 > 0.0.0.0/0 to:10.0.1.19 > > > > Chain postrouting-inline-routed (0 references) > > pkts bytes target prot opt in out source > destination > > > > Chain postrouting-int-inline-if (0 references) > > pkts bytes target prot opt in out source > destination > > > > Chain prerouting-int-inline-if (0 references) > > pkts bytes target prot opt in out source > destination > > > > Chain prerouting-int-vlan-if (0 references) > > pkts bytes target prot opt in out source > destination > > > > *From:* Fabrice Durand <oeufd...@gmail.com> > *Sent:* Tuesday, August 23, 2022 2:36 PM > *To:* packetfence-users@lists.sourceforge.net > *Cc:* Nate Breeden <nbree...@criswellauto.com> > *Subject:* Re: [External] [PacketFence-users] [External] Domain Joining > PacketFence Fails > > > > This message was sent from outside the company, please use caution when > clicking links or opening attachments unless you recognize the source of > this email and know the content is safe. > > > > Hello, > > > > can you show me the content of conf/domain.conf and also the result of > iptables -L -n -v -t nat > > > > Regards > > Fabrice > > > > > > > > Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users < > packetfence-users@lists.sourceforge.net> a écrit : > > Hey Aaron, > > > > My DCs are using Server 2019, also have tried it with the firewall > disabled and had the same result. > > > > Also thought this would be the easiest part of my install lol > > > > > > Thanks! > > > > > > *Nate Breeden Director of IT *Criswell Automotive > F: (301) 212-4520 > O: (301) 212-4520 > > > [image: Criswell Automotive] > > CONFIDENTIALITY NOTICE: > The contents of this email message and any attachments are intended solely > for the addressee(s) and may contain confidential and/or privileged > information and may be legally protected from disclosure. If you are not > the intended recipient of this message or their agent, or if this message > has been addressed to you in error, please immediately alert the sender by > reply email and then delete this message and any attachments. If you are > not the intended recipient, you are hereby notified that any use, > dissemination, copying, or storage of this message or its attachments is > strictly prohibited. > > > > > > *From:* Aaron Zuercher via PacketFence-users < > packetfence-users@lists.sourceforge.net> > *Sent:* Tuesday, August 23, 2022 11:25 AM > *To:* packetfence-users@lists.sourceforge.net > *Cc:* Aaron Zuercher <aaron.techge...@gmail.com> > *Subject:* Re: [External] [PacketFence-users] Domain Joining PacketFence > Fails > > > > This message was sent from outside the company, please use caution when > clicking links or opening attachments unless you recognize the source of > this email and know the content is safe. > > > > Nate, > > this part of my install was pretty straight forward. What version of > windows in your DC? What about firewall blocking something? > > > > Aaron > > > > On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users < > packetfence-users@lists.sourceforge.net> wrote: > > When trying to domain join PacketForce, on the web GUI we receive “Failed > to join domain: failed to find DC for domain Computers - The object was not > found.” > > > > After searching through a bunch of articles, it looks like where it says > “for domain Computers” should say “for domain MYDOMAIN”? > > > > Did a full reinstall of PacketFence thinking something was wrong with the > install, but am still facing the same issue. > > > > In the actual Debian VM if I ping a hostname without the domain name it > replies with the correct IP address, same thing when pining with the FQDN. > > > > Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my > domain > > > > Net ads status > this returns “ads_connect: No logon servers are currently > available to service the logon request.” (X2) > > > > > > Also have tried tweaking each setting on the *Configuration > Policies > and Access Control > Domains > Active Directory Domains > [my identifier]*, > including either using IP addresses/hostnames (for Active Directory server, > Sticky DC), changing the admin credentials around (myadmin@domain.local, > myadmin@domain, myadmin, mydomain\myadmin), have tweaked the “This > server’s name” field, to either specify a name or utilize %h. > > > > > > > > > > Here is the log from /usr/local/pf/logs/packetfence.log (censored my > server name and domain name) > > > > Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO: > [mac:unknown] domain join : Failed to join domain: failed to find DC for > domain Computers - The object was not found. (pf::domain::join_domain) > > Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO: > getting security_events triggers for accounting cleanup > (pf::accounting::acct_maintenance) > > Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: > processed 0 security_events during security_event maintenance > (1661199869.09285 1661199869.0996) > (pf::security_event::security_event_mainte>Aug 22 20:24:29 [myservername] > packetfence[13693]: pfperl-api(1242) INFO: processed 0 security_events > during security_event maintenance (1661199869.10111 1661199869.10295) > (pf::security_event::security_event_maint>Aug 22 20:24:29 [myservername] > packetfence[13696]: pfperl-api(1248) INFO: Using 300 resolution threshold > (pf::pfcron::task::cluster_check::run) > > Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO: > All cluster members are running the same configuration version > (pf::pfcron::task::cluster_check::run) > > Aug 22 20:24:32 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:38 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:44 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:50 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:24:56 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:02 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:08 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:14 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:20 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:26 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:29 [myservername] packetfence[13770]: pfperl-api(1243) INFO: > Using 300 resolution threshold (pf::pfcron::task::cluster_check::run) > > Aug 22 20:25:29 [myservername] packetfence[13770]: pfperl-api(1243) INFO: > All cluster members are running the same configuration version > (pf::pfcron::task::cluster_check::run) > > Aug 22 20:25:29 [myservername] packetfence[13772]: pfperl-api(1243) INFO: > getting security_events triggers for accounting cleanup > (pf::accounting::acct_maintenance) > > Aug 22 20:25:29 [myservername] packetfence[13768]: pfperl-api(1249) INFO: > processed 0 security_events during security_event maintenance > (1661199929.04501 1661199929.05668) > (pf::security_event::security_event_maint>Aug 22 20:25:29 [myservername] > packetfence[13768]: pfperl-api(1249) INFO: processed 0 security_events > during security_event maintenance (1661199929.05834 1661199929.06063) > (pf::security_event::security_event_maint>Aug 22 20:25:32 [myservername] > packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: > [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) > > Aug 22 20:25:38 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > Aug 22 20:25:44 [myservername] packetfence_winbindd-wrapper[13632]: > winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] > (main::child_sighandler) > > > > *Nate Breeden* > > * Director of IT *Criswell Automotive > F: (301) 212-4520 > O: (301) 212-4520 > > > [image: Criswell Automotive] > > CONFIDENTIALITY NOTICE: > The contents of this email message and any attachments are intended solely > for the addressee(s) and may contain confidential and/or privileged > information and may be legally protected from disclosure. If you are not > the intended recipient of this message or their agent, or if this message > has been addressed to you in error, please immediately alert the sender by > reply email and then delete this message and any attachments. If you are > not the intended recipient, you are hereby notified that any use, > dissemination, copying, or storage of this message or its attachments is > strictly prohibited. > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_packetfence-2Dusers&d=DwQFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=bN7h99u95vnWXdgcnyXbKhFNtKrIMJiUqmx4gtnfO4k&m=VBLH4Ydg3fY7gtcpOhaxgVlC2odyQGtD-DfyKES44G8&s=8KdighPKtbmVK0uVW7d0VzRRhTDfAMY2_AqrXvBXNNo&e=> > > > ------------------------------ > > This email has been scanned for spam and viruses. Click here > <https://us-spambrella.cloud-protect.net/index01.php?mod_id=11&mod_option=logitem&mail_id=1661271047-GWqjQkgRREyf&r_address=nbreeden%40criswellauto.com&report=1> > to report this email as spam. > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_packetfence-2Dusers&d=DwQFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=bN7h99u95vnWXdgcnyXbKhFNtKrIMJiUqmx4gtnfO4k&m=VBLH4Ydg3fY7gtcpOhaxgVlC2odyQGtD-DfyKES44G8&s=8KdighPKtbmVK0uVW7d0VzRRhTDfAMY2_AqrXvBXNNo&e=> > > > ------------------------------ > > This email has been scanned for spam and viruses. Click here > <https://us-spambrella.cloud-protect.net/index01.php?mod_id=11&mod_option=logitem&mail_id=1661279743-zbCjT9rfq8Rm&r_address=nbreeden%40criswellauto.com&report=1> > to report this email as spam. >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
