Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

Tue, 23 Aug 2022 17:41:50 -0700 

[DOMAINNAME]
dns_name= DOMAINNAME.Local
dns_servers=10.0.1.15
server_name=%h
ou=Domain Computers
ad_server=mydc1
workgroup=domain.Local
status=enabled
sticky_dc=mydc1
ntlm_cache_expiry=3600
# Copyright (C) Inverse inc.




Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)
pkts bytes target     prot opt in     out     source               destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target     prot opt in     out     source               destination
    2   201 SNAT       all  --  *      eth0    169.254.0.0/16       0.0.0.0/0   
         to:10.0.1.19

Chain postrouting-inline-routed (0 references)
pkts bytes target     prot opt in     out     source               destination

Chain postrouting-int-inline-if (0 references)
pkts bytes target     prot opt in     out     source               destination

Chain prerouting-int-inline-if (0 references)
pkts bytes target     prot opt in     out     source               destination

Chain prerouting-int-vlan-if (0 references)
pkts bytes target     prot opt in     out     source               destination

From: Fabrice Durand <oeufd...@gmail.com>
Sent: Tuesday, August 23, 2022 2:36 PM
To: packetfence-users@lists.sourceforge.net
Cc: Nate Breeden <nbree...@criswellauto.com>
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Hello,

can you show me the content of conf/domain.conf and also the result of iptables 
-L -n -v -t nat

Regards
Fabrice



Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users 
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :
Hey Aaron,

My DCs are using Server 2019, also have tried it with the firewall disabled and 
had the same result.

Also thought this would be the easiest part of my install lol


Thanks!

Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520

[Criswell Automotive]
CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.


From: Aaron Zuercher via PacketFence-users 
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>>
Sent: Tuesday, August 23, 2022 11:25 AM
To: 
packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
Cc: Aaron Zuercher <aaron.techge...@gmail.com<mailto:aaron.techge...@gmail.com>>
Subject: Re: [External] [PacketFence-users] Domain Joining PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Nate,
this part of my install was pretty straight forward.  What version of windows 
in your DC?   What about firewall blocking something?

Aaron

On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users 
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>>
 wrote:
When trying to domain join PacketForce, on the web GUI we receive “Failed to 
join domain: failed to find DC for domain Computers - The object was not found.”

After searching through a bunch of articles, it looks like where it says “for 
domain Computers” should say “for domain MYDOMAIN”?

Did a full reinstall of PacketFence thinking something was wrong with the 
install, but am still facing the same issue.

In the actual Debian VM if I ping a hostname without the domain name it replies 
with the correct IP address, same thing when pining with the FQDN.


Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain



Net ads status > this returns “ads_connect: No logon servers are currently 
available to service the logon request.” (X2)



Also have tried tweaking each setting on the Configuration > Policies and 
Access Control > Domains > Active Directory Domains > [my identifier], 
including either using IP addresses/hostnames (for Active Directory server, 
Sticky DC), changing the admin credentials around 
(myadmin@domain.local<mailto:myadmin@domain.local>, myadmin@domain, myadmin, 
mydomain\myadmin), have tweaked the “This server’s name” field, to either 
specify a name or utilize %h.




Here is the log from /usr/local/pf/logs/packetfence.log (censored my server 
name and domain name)

Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO: 
[mac:unknown] domain join : Failed to join domain: failed to find DC for domain 
Computers - The object was not found. (pf::domain::join_domain)
Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO: 
getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: 
processed 0 security_events during security_event maintenance (1661199869.09285 
1661199869.0996)  (pf::security_event::security_event_mainte>Aug 22 20:24:29 
[myservername] packetfence[13693]: pfperl-api(1242) INFO: processed 0 
security_events during security_event maintenance (1661199869.10111 
1661199869.10295)  (pf::security_event::security_event_maint>Aug 22 20:24:29 
[myservername] packetfence[13696]: pfperl-api(1248) INFO: Using 300 resolution 
threshold (pf::pfcron::task::cluster_check::run)
Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO: All 
cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Aug 22 20:24:32 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:38 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:02 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:08 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:14 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:20 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:26 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:29 [myservername] packetfence[13770]: pfperl-api(1243) INFO: Using 
300 resolution threshold (pf::pfcron::task::cluster_check::run)
Aug 22 20:25:29 [myservername] packetfence[13770]: pfperl-api(1243) INFO: All 
cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Aug 22 20:25:29 [myservername] packetfence[13772]: pfperl-api(1243) INFO: 
getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Aug 22 20:25:29 [myservername] packetfence[13768]: pfperl-api(1249) INFO: 
processed 0 security_events during security_event maintenance (1661199929.04501 
1661199929.05668)  (pf::security_event::security_event_maint>Aug 22 20:25:29 
[myservername] packetfence[13768]: pfperl-api(1249) INFO: processed 0 
security_events during security_event maintenance (1661199929.05834 
1661199929.06063)  (pf::security_event::security_event_maint>Aug 22 20:25:32 
[myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) 
WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler)
Aug 22 20:25:38 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520

[Criswell Automotive]

CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_packetfence-2Dusers&d=DwQFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=bN7h99u95vnWXdgcnyXbKhFNtKrIMJiUqmx4gtnfO4k&m=VBLH4Ydg3fY7gtcpOhaxgVlC2odyQGtD-DfyKES44G8&s=8KdighPKtbmVK0uVW7d0VzRRhTDfAMY2_AqrXvBXNNo&e=>



________________________________

This email has been scanned for spam and viruses. Click 
here<https://us-spambrella.cloud-protect.net/index01.php?mod_id=11&mod_option=logitem&mail_id=1661271047-GWqjQkgRREyf&r_address=nbreeden%40criswellauto.com&report=1>
 to report this email as spam.
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_packetfence-2Dusers&d=DwQFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=bN7h99u95vnWXdgcnyXbKhFNtKrIMJiUqmx4gtnfO4k&m=VBLH4Ydg3fY7gtcpOhaxgVlC2odyQGtD-DfyKES44G8&s=8KdighPKtbmVK0uVW7d0VzRRhTDfAMY2_AqrXvBXNNo&e=>



________________________________

This email has been scanned for spam and viruses. Click 
here<https://us-spambrella.cloud-protect.net/index01.php?mod_id=11&mod_option=logitem&mail_id=1661279743-zbCjT9rfq8Rm&r_address=nbreeden%40criswellauto.com&report=1>
 to report this email as spam.

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users






















					Reply via email to