[DOMAINNAME] dns_name= DOMAINNAME.Local dns_servers=10.0.1.15 server_name=%h ou=Domain Computers ad_server=mydc1 workgroup=domain.Local status=enabled sticky_dc=mydc1 ntlm_cache_expiry=3600 # Copyright (C) Inverse inc.
Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes) pkts bytes target prot opt in out source destination 2 201 SNAT all -- * eth0 169.254.0.0/16 0.0.0.0/0 to:10.0.1.19 Chain postrouting-inline-routed (0 references) pkts bytes target prot opt in out source destination Chain postrouting-int-inline-if (0 references) pkts bytes target prot opt in out source destination Chain prerouting-int-inline-if (0 references) pkts bytes target prot opt in out source destination Chain prerouting-int-vlan-if (0 references) pkts bytes target prot opt in out source destination From: Fabrice Durand <oeufd...@gmail.com> Sent: Tuesday, August 23, 2022 2:36 PM To: packetfence-users@lists.sourceforge.net Cc: Nate Breeden <nbree...@criswellauto.com> Subject: Re: [External] [PacketFence-users] [External] Domain Joining PacketFence Fails This message was sent from outside the company, please use caution when clicking links or opening attachments unless you recognize the source of this email and know the content is safe. Hello, can you show me the content of conf/domain.conf and also the result of iptables -L -n -v -t nat Regards Fabrice Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> a écrit : Hey Aaron, My DCs are using Server 2019, also have tried it with the firewall disabled and had the same result. Also thought this would be the easiest part of my install lol Thanks! Nate Breeden Director of IT Criswell Automotive F: (301) 212-4520 O: (301) 212-4520 [Criswell Automotive] CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited. From: Aaron Zuercher via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> Sent: Tuesday, August 23, 2022 11:25 AM To: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Aaron Zuercher <aaron.techge...@gmail.com<mailto:aaron.techge...@gmail.com>> Subject: Re: [External] [PacketFence-users] Domain Joining PacketFence Fails This message was sent from outside the company, please use caution when clicking links or opening attachments unless you recognize the source of this email and know the content is safe. Nate, this part of my install was pretty straight forward. What version of windows in your DC? What about firewall blocking something? Aaron On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> wrote: When trying to domain join PacketForce, on the web GUI we receive “Failed to join domain: failed to find DC for domain Computers - The object was not found.” After searching through a bunch of articles, it looks like where it says “for domain Computers” should say “for domain MYDOMAIN”? Did a full reinstall of PacketFence thinking something was wrong with the install, but am still facing the same issue. In the actual Debian VM if I ping a hostname without the domain name it replies with the correct IP address, same thing when pining with the FQDN. Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain Net ads status > this returns “ads_connect: No logon servers are currently available to service the logon request.” (X2) Also have tried tweaking each setting on the Configuration > Policies and Access Control > Domains > Active Directory Domains > [my identifier], including either using IP addresses/hostnames (for Active Directory server, Sticky DC), changing the admin credentials around (myadmin@domain.local<mailto:myadmin@domain.local>, myadmin@domain, myadmin, mydomain\myadmin), have tweaked the “This server’s name” field, to either specify a name or utilize %h. Here is the log from /usr/local/pf/logs/packetfence.log (censored my server name and domain name) Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO: [mac:unknown] domain join : Failed to join domain: failed to find DC for domain Computers - The object was not found. (pf::domain::join_domain) Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO: getting security_events triggers for accounting cleanup (pf::accounting::acct_maintenance) Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: processed 0 security_events during security_event maintenance (1661199869.09285 1661199869.0996) (pf::security_event::security_event_mainte>Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: processed 0 security_events during security_event maintenance (1661199869.10111 1661199869.10295) (pf::security_event::security_event_maint>Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO: Using 300 resolution threshold (pf::pfcron::task::cluster_check::run) Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO: All cluster members are running the same configuration version (pf::pfcron::task::cluster_check::run) Aug 22 20:24:32 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:38 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:44 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:50 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:24:56 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:02 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:08 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:14 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:20 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:26 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:29 [myservername] packetfence[13770]: pfperl-api(1243) INFO: Using 300 resolution threshold (pf::pfcron::task::cluster_check::run) Aug 22 20:25:29 [myservername] packetfence[13770]: pfperl-api(1243) INFO: All cluster members are running the same configuration version (pf::pfcron::task::cluster_check::run) Aug 22 20:25:29 [myservername] packetfence[13772]: pfperl-api(1243) INFO: getting security_events triggers for accounting cleanup (pf::accounting::acct_maintenance) Aug 22 20:25:29 [myservername] packetfence[13768]: pfperl-api(1249) INFO: processed 0 security_events during security_event maintenance (1661199929.04501 1661199929.05668) (pf::security_event::security_event_maint>Aug 22 20:25:29 [myservername] packetfence[13768]: pfperl-api(1249) INFO: processed 0 security_events during security_event maintenance (1661199929.05834 1661199929.06063) (pf::security_event::security_event_maint>Aug 22 20:25:32 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:38 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Aug 22 20:25:44 [myservername] packetfence_winbindd-wrapper[13632]: winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] (main::child_sighandler) Nate Breeden Director of IT Criswell Automotive F: (301) 212-4520 O: (301) 212-4520 [Criswell Automotive] CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited. _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_packetfence-2Dusers&d=DwQFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=bN7h99u95vnWXdgcnyXbKhFNtKrIMJiUqmx4gtnfO4k&m=VBLH4Ydg3fY7gtcpOhaxgVlC2odyQGtD-DfyKES44G8&s=8KdighPKtbmVK0uVW7d0VzRRhTDfAMY2_AqrXvBXNNo&e=> ________________________________ This email has been scanned for spam and viruses. Click here<https://us-spambrella.cloud-protect.net/index01.php?mod_id=11&mod_option=logitem&mail_id=1661271047-GWqjQkgRREyf&r_address=nbreeden%40criswellauto.com&report=1> to report this email as spam. _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_packetfence-2Dusers&d=DwQFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=bN7h99u95vnWXdgcnyXbKhFNtKrIMJiUqmx4gtnfO4k&m=VBLH4Ydg3fY7gtcpOhaxgVlC2odyQGtD-DfyKES44G8&s=8KdighPKtbmVK0uVW7d0VzRRhTDfAMY2_AqrXvBXNNo&e=> ________________________________ This email has been scanned for spam and viruses. Click here<https://us-spambrella.cloud-protect.net/index01.php?mod_id=11&mod_option=logitem&mail_id=1661279743-zbCjT9rfq8Rm&r_address=nbreeden%40criswellauto.com&report=1> to report this email as spam.
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users