Hello Fabrice, To solve our issue, we had to rename our servers and change in the pf.conf the hostname variable. Then we could use the %h in the AD configuration on each nodes. The join is marked successful and we see all 3 nodes in our AD.
Have a good day ! Adrian. De: "ADE" <adrian.dessai...@novasys.coop> À: "Fabrice Durand" <oeufd...@gmail.com> Cc: "packetfence-users" <packetfence-users@lists.sourceforge.net> Envoyé: Vendredi 23 Juin 2023 08:48:08 Objet: Re: [PacketFence-users] Help on AD and Realms conf on PF cluster Hello Fabrice, Thanks for this quick answer. It's what I tough, each node need to be seen in the AD. So, I need to go in " Configuration → Policies And Access Control → Domains → Active Directory Domains" and ad an AD entry for each node ? For exemple : -AD_node1 -AD_node2 -AD_node3 ? If I add juste one entry on the node 1 with the hostname "PF_node1", then go on the node 2, the entry is already configured as the hostname "PF_node1". I didn't mentioned, we can't use %h since our hostnames are too long. Maybe that's the issue here ? I have to manually set the hostname. Thanks for your help, Adrian. De: "Fabrice Durand" <oeufd...@gmail.com> À: "packetfence-users" <packetfence-users@lists.sourceforge.net> Cc: "ADE" <adrian.dessai...@novasys.coop> Envoyé: Jeudi 22 Juin 2023 20:39:32 Objet: Re: [PacketFence-users] Help on AD and Realms conf on PF cluster Hello Adrian, in fact when the doc say to join then it a samba join. So each servers needs to be joined to the domain (you should see a machine account for each of them in the AD). Regards Fabrice Le jeu. 22 juin 2023 à 11:54, Adrian Dessaigne via PacketFence-users < [ mailto:packetfence-users@lists.sourceforge.net | packetfence-users@lists.sourceforge.net ] > a écrit : Hello team ! I have recentrly set up a new instance of PacketFence wich have 3 servers and clusturised using the "Clustering Guide". It work good and no issues on synching. However I'm confused on how you're supposed to configure the AD and the Realms on a cluster setup. In the install documentation, it's mentionned : "If you are using an Active/Active cluster, each member of the cluster must be joined separately. Please follow the instructions in the PacketFence Clustering Guide." But on the clustering guide : "Next, make sure to join domains through Configuration → Policies And Access Control → Domains → Active Directory Domains on each node" At first I tough the AD Domains configs weren't synchronised but they are. So am I supposed to add a domain for each servers ? (if I only add one, synch, and I then join one by one, the previous servers loose the link and the join don't work anymore). If I have to add 3 domains configuration, one for each server, how do I configure the realms since I can only bind one domain ? I tested a few configuration but none are suitable. What is the best practice and what's the good way to configure the AD + Realms on a cluster ? Thanks a lot for your answers. Greats, Adrian. Enregistrer Enregistrer _______________________________________________ PacketFence-users mailing list [ mailto:PacketFence-users@lists.sourceforge.net | PacketFence-users@lists.sourceforge.net ] [ https://lists.sourceforge.net/lists/listinfo/packetfence-users | https://lists.sourceforge.net/lists/listinfo/packetfence-users ]
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
