Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Nate Breeden via PacketFence-users 
[DOMAINNAME]
dns_name= DOMAINNAME.Local
dns_servers=10.0.1.15
server_name=%h
ou=Domain Computers
ad_server=mydc1
workgroup=domain.Local
status=enabled
sticky_dc=mydc1
ntlm_cache_expiry=3600
# Copyright (C) Inverse inc.




Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)
pkts bytes target prot opt in out source   destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source   destination

Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target prot opt in out source   destination

Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target prot opt in out source   destination
2   201 SNAT   all  --  *  eth0169.254.0.0/16   0.0.0.0/0   
 to:10.0.1.19

Chain postrouting-inline-routed (0 references)
pkts bytes target prot opt in out source   destination

Chain postrouting-int-inline-if (0 references)
pkts bytes target prot opt in out source   destination

Chain prerouting-int-inline-if (0 references)
pkts bytes target prot opt in out source   destination

Chain prerouting-int-vlan-if (0 references)
pkts bytes target prot opt in out source   destination

From: Fabrice Durand 
Sent: Tuesday, August 23, 2022 2:36 PM
To: packetfence-users@lists.sourceforge.net
Cc: Nate Breeden 
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Hello,

can you show me the content of conf/domain.conf and also the result of iptables 
-L -n -v -t nat

Regards
Fabrice



Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :
Hey Aaron,

My DCs are using Server 2019, also have tried it with the firewall disabled and 
had the same result.

Also thought this would be the easiest part of my install lol


Thanks!

Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520

[Criswell Automotive]
CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.


From: Aaron Zuercher via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
Sent: Tuesday, August 23, 2022 11:25 AM
To: 
packetfence-users@lists.sourceforge.net
Cc: Aaron Zuercher mailto:aaron.techge...@gmail.com>>
Subject: Re: [External] [PacketFence-users] Domain Joining PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Nate,
this part of my install was pretty straight forward.  What version of windows 
in your DC?   What about firewall blocking something?

Aaron

On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 wrote:
When trying to domain join PacketForce, on the web GUI we receive “Failed to 
join domain: failed to find DC for domain Computers - The object was not found.”

After searching through a bunch of articles, it looks like where it says “for 
domain Computers” should say “for domain MYDOMAIN”?

Did a full reinstall of PacketFence thinking something was wrong with the 
install, but am still facing the same issue.

In the actual Debian VM if I ping a hostname without the domain name it replies 
with the correct IP address, same thing when pining with the FQDN.


Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain



Net ads status > this returns “ads_connect: No logon servers are currently 
available to service the logon request.” (X2)



Also have tried tweaking each setting on the Configuration > Policies and 
Access Control > Domains > Active Directory Domains > [my identifier], 
including either using IP addresses/hostnames (for Active Directory server, 
Sticky DC), changing the admin credentials around 
(myadmin@domain.local, myadmin@domain, myadmin, 
mydomain\myadmin), have tweaked the “This server’s name” field, to either 
specify a name or utilize %h.

Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Nate Breeden via PacketFence-users 
Ah I got ya, I was a little confused when I read “workgroup” lol.

Tinkered a little more with the domain settings, this ended up resolving my 
issue – changed the ad_server and sticky_dc to utilize the IP address of my DC. 
Not sure why that would be problematic, as the Debian VM is able to ping those 
by name, even without the FQDN…

{Old values}:
[DOMAINNAME]
dns_name= DOMAINNAME.Local
dns_servers=10.0.1.15
server_name=%h
ou=Domain Computers
ad_server=mydc1
workgroup=domain.Local
status=enabled
sticky_dc=mydc1
ntlm_cache_expiry=3600
# Copyright (C) Inverse inc.




{New values}:
[DOMAINNAME]
dns_name= DOMAINNAME.LOCAL
dns_servers=10.0.1.15
server_name=%h
ou=Domain Computers
ad_server=10.0.1.15
workgroup= DOMAINNAME
status=enabled
sticky_dc=10.0.1.15
ntlm_cache_expiry=3600
# Copyright (C) Inverse inc.


Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520

[Criswell Automotive]
CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.


From: Fabrice Durand 
Sent: Tuesday, August 23, 2022 4:12 PM
To: Nate Breeden 
Cc: packetfence-users@lists.sourceforge.net
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

the WORKGROUP is the pre-windows-2000 name and the dns_name is the dns format.

If i am not wrong when you edit a user in Users and computers you should be 
able to see both.


Le mar. 23 août 2022 à 15:52, Nate Breeden 
mailto:nbree...@criswellauto.com>> a écrit :
Hey Fabrice,

I just tried them in all caps, still the same result.

As far as workgroup, would that not be my domain name? Also tried it without 
the .local in all caps, same thing happens there


Thanks!

From: Fabrice Durand mailto:oeufd...@gmail.com>>
Sent: Tuesday, August 23, 2022 3:28 PM
To: Nate Breeden mailto:nbree...@criswellauto.com>>
Cc: 
packetfence-users@lists.sourceforge.net
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Iptables looks to be ok.

But are you sure about workgroup=domain.Local ?

Also put dns_name and workgroup in uppercase .


Le mar. 23 août 2022 à 15:09, Nate Breeden 
mailto:nbree...@criswellauto.com>> a écrit :
[DOMAINNAME]
dns_name= DOMAINNAME.Local
dns_servers=10.0.1.15
server_name=%h
ou=Domain Computers
ad_server=mydc1
workgroup=domain.Local
status=enabled
sticky_dc=mydc1
ntlm_cache_expiry=3600
# Copyright (C) Inverse inc.




Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)
pkts bytes target prot opt in out source   destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source   destination

Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target prot opt in out source   destination

Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target prot opt in out source   destination
2   201 SNAT   all  --  *  eth0
169.254.0.0/16
   
0.0.0.0/0
to:10.0.1.19

Chain postrouting-inline-routed (0 references)
pkts bytes target prot opt in out source   destination

Chain postrouting-int-inline-if (0 references)
pkts bytes target prot opt in out source   destination

Chain prerouting-int-inline-if (0 references)
pkts bytes target prot opt in out source   destination

Chain prerouting-int-vlan-if (0 references)
pkts bytes target prot opt in out source

Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Fabrice Durand via PacketFence-users 
the WORKGROUP is the pre-windows-2000 name and the dns_name is the dns
format.

If i am not wrong when you edit a user in Users and computers you should be
able to see both.


Le mar. 23 août 2022 à 15:52, Nate Breeden  a
écrit :

> Hey Fabrice,
>
>
>
> I just tried them in all caps, still the same result.
>
>
>
> As far as workgroup, would that not be my domain name? Also tried it
> without the .local in all caps, same thing happens there
>
>
>
>
>
> Thanks!
>
>
>
> *From:* Fabrice Durand 
> *Sent:* Tuesday, August 23, 2022 3:28 PM
> *To:* Nate Breeden 
> *Cc:* packetfence-users@lists.sourceforge.net
> *Subject:* Re: [External] [PacketFence-users] [External] Domain Joining
> PacketFence Fails
>
>
>
> This message was sent from outside the company, please use caution when
> clicking links or opening attachments unless you recognize the source of
> this email and know the content is safe.
>
>
>
> Iptables looks to be ok.
>
>
>
> But are you sure about workgroup=domain.Local ?
>
>
>
> Also put dns_name and workgroup in uppercase .
>
>
>
>
>
> Le mar. 23 août 2022 à 15:09, Nate Breeden  a
> écrit :
>
> [DOMAINNAME]
>
> dns_name= DOMAINNAME.Local
>
> dns_servers=10.0.1.15
>
> server_name=%h
>
> ou=Domain Computers
>
> ad_server=mydc1
>
> workgroup=domain.Local
>
> status=enabled
>
> sticky_dc=mydc1
>
> ntlm_cache_expiry=3600
>
> # Copyright (C) Inverse inc.
>
>
>
>
>
>
>
>
>
> Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)
>
> pkts bytes target prot opt in out source
> destination
>
> 2   201 SNAT   all  --  *  eth0169.254.0.0/16
> 
> 0.0.0.0/0
> 
>   to:10.0.1.19
>
>
>
> Chain postrouting-inline-routed (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain postrouting-int-inline-if (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain prerouting-int-inline-if (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain prerouting-int-vlan-if (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> *From:* Fabrice Durand 
> *Sent:* Tuesday, August 23, 2022 2:36 PM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Nate Breeden 
> *Subject:* Re: [External] [PacketFence-users] [External] Domain Joining
> PacketFence Fails
>
>
>
> This message was sent from outside the company, please use caution when
> clicking links or opening attachments unless you recognize the source of
> this email and know the content is safe.
>
>
>
> Hello,
>
>
>
> can you show me the content of conf/domain.conf and also the result of
> iptables -L -n -v -t nat
>
>
>
> Regards
>
> Fabrice
>
>
>
>
>
>
>
> Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users <
> packetfence-users@lists.sourceforge.net> a écrit :
>
> Hey Aaron,
>
>
>
> My DCs are using Server 2019, also have tried it with the firewall
> disabled and had the same result.
>
>
>
> Also thought this would be the easiest part of my install lol
>
>
>
>
>
> Thanks!
>
>
>
>
>
> *Nate Breeden Director of IT *Criswell Automotive
> F: (301) 212-4520
> O: (301) 212-4520
>
>
> [image: Criswell Automotive]
>
> CONFIDENTIALITY NOTICE:
> The contents of this email message and any attachments are intended solely
> for the addressee(s) and may contain confidential and/or privileged
> information and may be legally protected from disclosure. If you are not
> the intended recipient of this message or their agent, or if this message
> has been addressed to you in error, please immediately alert the sender by
> reply email and then delete this message and any attachments. If you are
> not the intended recipient, you are hereby notified that any use,
> dissemination, copying, or storage of this message or its attachments is
> strictly prohibited.
>
>
>
>
>
> *From:* Aaron Zuercher via PacketFence-users <
> packetfence-users@lists.sourceforge.net>
> *Sent:* Tuesday, August 23, 2022 11:25 AM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Aaron Zuercher 
> *Subject:* Re:

Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Nate Breeden via PacketFence-users 
Hey Fabrice,

I just tried them in all caps, still the same result.

As far as workgroup, would that not be my domain name? Also tried it without 
the .local in all caps, same thing happens there


Thanks!

From: Fabrice Durand 
Sent: Tuesday, August 23, 2022 3:28 PM
To: Nate Breeden 
Cc: packetfence-users@lists.sourceforge.net
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Iptables looks to be ok.

But are you sure about workgroup=domain.Local ?

Also put dns_name and workgroup in uppercase .


Le mar. 23 août 2022 à 15:09, Nate Breeden 
mailto:nbree...@criswellauto.com>> a écrit :
[DOMAINNAME]
dns_name= DOMAINNAME.Local
dns_servers=10.0.1.15
server_name=%h
ou=Domain Computers
ad_server=mydc1
workgroup=domain.Local
status=enabled
sticky_dc=mydc1
ntlm_cache_expiry=3600
# Copyright (C) Inverse inc.




Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)
pkts bytes target prot opt in out source   destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source   destination

Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target prot opt in out source   destination

Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)
pkts bytes target prot opt in out source   destination
2   201 SNAT   all  --  *  eth0
169.254.0.0/16
   
0.0.0.0/0
to:10.0.1.19

Chain postrouting-inline-routed (0 references)
pkts bytes target prot opt in out source   destination

Chain postrouting-int-inline-if (0 references)
pkts bytes target prot opt in out source   destination

Chain prerouting-int-inline-if (0 references)
pkts bytes target prot opt in out source   destination

Chain prerouting-int-vlan-if (0 references)
pkts bytes target prot opt in out source   destination

From: Fabrice Durand mailto:oeufd...@gmail.com>>
Sent: Tuesday, August 23, 2022 2:36 PM
To: 
packetfence-users@lists.sourceforge.net
Cc: Nate Breeden mailto:nbree...@criswellauto.com>>
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Hello,

can you show me the content of conf/domain.conf and also the result of iptables 
-L -n -v -t nat

Regards
Fabrice



Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :
Hey Aaron,

My DCs are using Server 2019, also have tried it with the firewall disabled and 
had the same result.

Also thought this would be the easiest part of my install lol


Thanks!

Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520

[Criswell Automotive]
CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.


From: Aaron Zuercher via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
Sent: Tuesday, August 23, 2022 11:25 AM
To: 
packetfence-users@lists.sourceforge.net
Cc: Aaron Zuercher mailto:aaron.techge...@gmail.com>>
Subject: Re: [External] [PacketFence-users] Domain Joining PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Nate,
this part of my install was pretty straight forward.  What

Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Fabrice Durand via PacketFence-users 
Iptables looks to be ok.

But are you sure about workgroup=domain.Local ?

Also put dns_name and workgroup in uppercase .


Le mar. 23 août 2022 à 15:09, Nate Breeden  a
écrit :

> [DOMAINNAME]
>
> dns_name= DOMAINNAME.Local
>
> dns_servers=10.0.1.15
>
> server_name=%h
>
> ou=Domain Computers
>
> ad_server=mydc1
>
> workgroup=domain.Local
>
> status=enabled
>
> sticky_dc=mydc1
>
> ntlm_cache_expiry=3600
>
> # Copyright (C) Inverse inc.
>
>
>
>
>
>
>
>
>
> Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)
>
> pkts bytes target prot opt in out source
> destination
>
> 2   201 SNAT   all  --  *  eth0169.254.0.0/16
> 0.0.0.0/0to:10.0.1.19
>
>
>
> Chain postrouting-inline-routed (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain postrouting-int-inline-if (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain prerouting-int-inline-if (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> Chain prerouting-int-vlan-if (0 references)
>
> pkts bytes target prot opt in out source
> destination
>
>
>
> *From:* Fabrice Durand 
> *Sent:* Tuesday, August 23, 2022 2:36 PM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Nate Breeden 
> *Subject:* Re: [External] [PacketFence-users] [External] Domain Joining
> PacketFence Fails
>
>
>
> This message was sent from outside the company, please use caution when
> clicking links or opening attachments unless you recognize the source of
> this email and know the content is safe.
>
>
>
> Hello,
>
>
>
> can you show me the content of conf/domain.conf and also the result of
> iptables -L -n -v -t nat
>
>
>
> Regards
>
> Fabrice
>
>
>
>
>
>
>
> Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users <
> packetfence-users@lists.sourceforge.net> a écrit :
>
> Hey Aaron,
>
>
>
> My DCs are using Server 2019, also have tried it with the firewall
> disabled and had the same result.
>
>
>
> Also thought this would be the easiest part of my install lol
>
>
>
>
>
> Thanks!
>
>
>
>
>
> *Nate Breeden Director of IT *Criswell Automotive
> F: (301) 212-4520
> O: (301) 212-4520
>
>
> [image: Criswell Automotive]
>
> CONFIDENTIALITY NOTICE:
> The contents of this email message and any attachments are intended solely
> for the addressee(s) and may contain confidential and/or privileged
> information and may be legally protected from disclosure. If you are not
> the intended recipient of this message or their agent, or if this message
> has been addressed to you in error, please immediately alert the sender by
> reply email and then delete this message and any attachments. If you are
> not the intended recipient, you are hereby notified that any use,
> dissemination, copying, or storage of this message or its attachments is
> strictly prohibited.
>
>
>
>
>
> *From:* Aaron Zuercher via PacketFence-users <
> packetfence-users@lists.sourceforge.net>
> *Sent:* Tuesday, August 23, 2022 11:25 AM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Aaron Zuercher 
> *Subject:* Re: [External] [PacketFence-users] Domain Joining PacketFence
> Fails
>
>
>
> This message was sent from outside the company, please use caution when
> clicking links or opening attachments unless you recognize the source of
> this email and know the content is safe.
>
>
>
> Nate,
>
> this part of my install was pretty straight forward.  What version of
> windows in your DC?   What about firewall blocking something?
>
>
>
> Aaron
>
>
>
> On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
> When trying to domain join PacketForce, on the web GUI we receive “Failed
> to join domain: failed to find DC for domain Computers - The object was not
> found.”
>
>
>
> After searching through a bunch of articles, it looks like where it says
> “for domain Computers” should say “for domain MYDOMAIN”?
>
>
>
> Did a full reinstall of PacketFence thinking something was wrong with the
> install, but am still facing the same issue.
>
>
>
> In the actual Debian VM if I ping a hostname without the domain name it
> replies with the correct IP address, same thing when pining with the FQDN.
>
>
>
> Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my
> domain
>
>
>
> Net ads status > this returns “ads_connect: No logon servers are currently
> available to service the logon request.” (X2)
>
>
>
>
>
> Also have tried tweaking each setting on the *Configuration

Re: [PacketFence-users] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Fabrice Durand via PacketFence-users 
Hello,

can you show me the content of conf/domain.conf and also the result of
iptables -L -n -v -t nat

Regards
Fabrice



Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :

> Hey Aaron,
>
>
>
> My DCs are using Server 2019, also have tried it with the firewall
> disabled and had the same result.
>
>
>
> Also thought this would be the easiest part of my install lol
>
>
>
>
>
> Thanks!
>
>
>
>
>
> *Nate Breeden Director of IT *Criswell Automotive
> F: (301) 212-4520
> O: (301) 212-4520
>
>
> [image: Criswell Automotive]
>
> CONFIDENTIALITY NOTICE:
> The contents of this email message and any attachments are intended solely
> for the addressee(s) and may contain confidential and/or privileged
> information and may be legally protected from disclosure. If you are not
> the intended recipient of this message or their agent, or if this message
> has been addressed to you in error, please immediately alert the sender by
> reply email and then delete this message and any attachments. If you are
> not the intended recipient, you are hereby notified that any use,
> dissemination, copying, or storage of this message or its attachments is
> strictly prohibited.
>
>
>
>
>
> *From:* Aaron Zuercher via PacketFence-users <
> packetfence-users@lists.sourceforge.net>
> *Sent:* Tuesday, August 23, 2022 11:25 AM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Aaron Zuercher 
> *Subject:* Re: [External] [PacketFence-users] Domain Joining PacketFence
> Fails
>
>
>
> This message was sent from outside the company, please use caution when
> clicking links or opening attachments unless you recognize the source of
> this email and know the content is safe.
>
>
>
> Nate,
>
> this part of my install was pretty straight forward.  What version of
> windows in your DC?   What about firewall blocking something?
>
>
>
> Aaron
>
>
>
> On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
> When trying to domain join PacketForce, on the web GUI we receive “Failed
> to join domain: failed to find DC for domain Computers - The object was not
> found.”
>
>
>
> After searching through a bunch of articles, it looks like where it says
> “for domain Computers” should say “for domain MYDOMAIN”?
>
>
>
> Did a full reinstall of PacketFence thinking something was wrong with the
> install, but am still facing the same issue.
>
>
>
> In the actual Debian VM if I ping a hostname without the domain name it
> replies with the correct IP address, same thing when pining with the FQDN.
>
>
>
> Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my
> domain
>
>
>
> Net ads status > this returns “ads_connect: No logon servers are currently
> available to service the logon request.” (X2)
>
>
>
>
>
> Also have tried tweaking each setting on the *Configuration > Policies
> and Access Control > Domains > Active Directory Domains > [my identifier]*,
> including either using IP addresses/hostnames (for Active Directory server,
> Sticky DC), changing the admin credentials around (myadmin@domain.local,
> myadmin@domain, myadmin, mydomain\myadmin), have tweaked the “This
> server’s name” field, to either specify a name or utilize %h.
>
>
>
>
>
>
>
>
>
> Here is the log from /usr/local/pf/logs/packetfence.log (censored my
> server name and domain name)
>
>
>
> Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO:
> [mac:unknown] domain join : Failed to join domain: failed to find DC for
> domain Computers - The object was not found. (pf::domain::join_domain)
>
> Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
>

Re: [PacketFence-users] [External] Domain Joining PacketFence Fails

2022-08-23 Thread Nate Breeden via PacketFence-users 
Hey Aaron,

My DCs are using Server 2019, also have tried it with the firewall disabled and 
had the same result.

Also thought this would be the easiest part of my install lol


Thanks!

Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520

[Criswell Automotive]
CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.


From: Aaron Zuercher via PacketFence-users 

Sent: Tuesday, August 23, 2022 11:25 AM
To: packetfence-users@lists.sourceforge.net
Cc: Aaron Zuercher 
Subject: Re: [External] [PacketFence-users] Domain Joining PacketFence Fails

This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.

Nate,
this part of my install was pretty straight forward.  What version of windows 
in your DC?   What about firewall blocking something?

Aaron

On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 wrote:
When trying to domain join PacketForce, on the web GUI we receive “Failed to 
join domain: failed to find DC for domain Computers - The object was not found.”

After searching through a bunch of articles, it looks like where it says “for 
domain Computers” should say “for domain MYDOMAIN”?

Did a full reinstall of PacketFence thinking something was wrong with the 
install, but am still facing the same issue.

In the actual Debian VM if I ping a hostname without the domain name it replies 
with the correct IP address, same thing when pining with the FQDN.


Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain



Net ads status > this returns “ads_connect: No logon servers are currently 
available to service the logon request.” (X2)



Also have tried tweaking each setting on the Configuration > Policies and 
Access Control > Domains > Active Directory Domains > [my identifier], 
including either using IP addresses/hostnames (for Active Directory server, 
Sticky DC), changing the admin credentials around 
(myadmin@domain.local, myadmin@domain, myadmin, 
mydomain\myadmin), have tweaked the “This server’s name” field, to either 
specify a name or utilize %h.




Here is the log from /usr/local/pf/logs/packetfence.log (censored my server 
name and domain name)

Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO: 
[mac:unknown] domain join : Failed to join domain: failed to find DC for domain 
Computers - The object was not found. (pf::domain::join_domain)
Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO: 
getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: 
processed 0 security_events during security_event maintenance (1661199869.09285 
1661199869.0996)  (pf::security_event::security_event_mainte>Aug 22 20:24:29 
[myservername] packetfence[13693]: pfperl-api(1242) INFO: processed 0 
security_events during security_event

Re: [PacketFence-users] Domain Joining PacketFence Fails

2022-08-23 Thread Michael Brown via PacketFence-users 
Try creating the computer object in AD prior to joining and then join via the 
packetfence gui. 

Sent from Yahoo Mail for iPhone


On Tuesday, August 23, 2022, 12:11 PM, Aaron Zuercher via PacketFence-users 
 wrote:

Nate,this part of my install was pretty straight forward.  What version of 
windows in your DC?   What about firewall blocking something?
Aaron

On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users 
 wrote:


When trying to domain join PacketForce, on the web GUI we receive “Failed to 
join domain: failed to find DC for domain Computers - The object was not found.”

 

After searching through a bunch of articles, it looks like where it says “for 
domain Computers” should say “for domain MYDOMAIN”?

 

Did a full reinstall of PacketFence thinking something was wrong with the 
install, but am still facing the same issue.

 

In the actual Debian VM if I ping a hostname without the domain name it replies 
with the correct IP address, same thing when pining with the FQDN.

 

Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain

 

Net ads status > this returns “ads_connect: No logon servers are currently 
available to service the logon request.” (X2)

 

 

Also have tried tweaking each setting on the Configuration > Policies and 
Access Control > Domains > Active Directory Domains > [my identifier], 
including either using IP addresses/hostnames (for Active Directory server, 
Sticky DC), changing the admin credentials around (myadmin@domain.local, 
myadmin@domain, myadmin, mydomain\myadmin), have tweaked the “This server’s 
name” field, to either specify a name or utilize %h.

 

 

 

 

Here is the log from /usr/local/pf/logs/packetfence.log (censored my server 
name and domain name)

 

Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO: 
[mac:unknown] domain join : Failed to join domain: failed to find DC for domain 
Computers - The object was not found. (pf::domain::join_domain)

Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO: 
getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)

Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: 
processed 0 security_events during security_event maintenance (1661199869.09285 
1661199869.0996)  (pf::security_event::security_event_mainte>Aug 22 20:24:29 
[myservername] packetfence[13693]: pfperl-api(1242) INFO: processed 0 
security_events during security_event maintenance (1661199869.10111 
1661199869.10295)  (pf::security_event::security_event_maint>Aug 22 20:24:29 
[myservername] packetfence[13696]: pfperl-api(1248) INFO: Using 300 resolution 
threshold (pf::pfcron::task::cluster_check::run)

Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO: All 
cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)

Aug 22 20:24:32 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:38 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)

Aug 22 20:24:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632)

Re: [PacketFence-users] Domain Joining PacketFence Fails

2022-08-23 Thread Aaron Zuercher via PacketFence-users 
Nate,
this part of my install was pretty straight forward.  What version of
windows in your DC?   What about firewall blocking something?

Aaron

On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> When trying to domain join PacketForce, on the web GUI we receive “Failed
> to join domain: failed to find DC for domain Computers - The object was not
> found.”
>
>
>
> After searching through a bunch of articles, it looks like where it says
> “for domain Computers” should say “for domain MYDOMAIN”?
>
>
>
> Did a full reinstall of PacketFence thinking something was wrong with the
> install, but am still facing the same issue.
>
>
>
> In the actual Debian VM if I ping a hostname without the domain name it
> replies with the correct IP address, same thing when pining with the FQDN.
>
>
>
> Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my
> domain
>
>
>
> Net ads status > this returns “ads_connect: No logon servers are currently
> available to service the logon request.” (X2)
>
>
>
>
>
> Also have tried tweaking each setting on the *Configuration > Policies
> and Access Control > Domains > Active Directory Domains > [my identifier]*,
> including either using IP addresses/hostnames (for Active Directory server,
> Sticky DC), changing the admin credentials around (myadmin@domain.local,
> myadmin@domain, myadmin, mydomain\myadmin), have tweaked the “This
> server’s name” field, to either specify a name or utilize %h.
>
>
>
>
>
>
>
>
>
> Here is the log from /usr/local/pf/logs/packetfence.log (censored my
> server name and domain name)
>
>
>
> Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO:
> [mac:unknown] domain join : Failed to join domain: failed to find DC for
> domain Computers - The object was not found. (pf::domain::join_domain)
>
> Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO:
> getting security_events triggers for accounting cleanup
> (pf::accounting::acct_maintenance)
>
> Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO:
> processed 0 security_events during security_event maintenance
> (1661199869.09285 1661199869.0996)
> (pf::security_event::security_event_mainte>Aug 22 20:24:29 [myservername]
> packetfence[13693]: pfperl-api(1242) INFO: processed 0 security_events
> during security_event maintenance (1661199869.10111 1661199869.10295)
> (pf::security_event::security_event_maint>Aug 22 20:24:29 [myservername]
> packetfence[13696]: pfperl-api(1248) INFO: Using 300 resolution threshold
> (pf::pfcron::task::cluster_check::run)
>
> Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO:
> All cluster members are running the same configuration version
> (pf::pfcron::task::cluster_check::run)
>
> Aug 22 20:24:32 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:38 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:44 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:50 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain]
> (main::child_sighandler)
>
> Aug 22 20:24:56 [myservername] packetfence_winbindd-wrapper[13632]:
> winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering

[PacketFence-users] Domain Joining PacketFence Fails

2022-08-23 Thread Nate Breeden via PacketFence-users 
When trying to domain join PacketForce, on the web GUI we receive "Failed to 
join domain: failed to find DC for domain Computers - The object was not found."

After searching through a bunch of articles, it looks like where it says "for 
domain Computers" should say "for domain MYDOMAIN"?

Did a full reinstall of PacketFence thinking something was wrong with the 
install, but am still facing the same issue.

In the actual Debian VM if I ping a hostname without the domain name it replies 
with the correct IP address, same thing when pining with the FQDN.


Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain



Net ads status > this returns "ads_connect: No logon servers are currently 
available to service the logon request." (X2)



Also have tried tweaking each setting on the Configuration > Policies and 
Access Control > Domains > Active Directory Domains > [my identifier], 
including either using IP addresses/hostnames (for Active Directory server, 
Sticky DC), changing the admin credentials around 
(myadmin@domain.local, myadmin@domain, myadmin, 
mydomain\myadmin), have tweaked the "This server's name" field, to either 
specify a name or utilize %h.




Here is the log from /usr/local/pf/logs/packetfence.log (censored my server 
name and domain name)

Aug 22 20:23:40 [myservername] pfqueue[12690]: pfqueue(12690) INFO: 
[mac:unknown] domain join : Failed to join domain: failed to find DC for domain 
Computers - The object was not found. (pf::domain::join_domain)
Aug 22 20:23:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:23:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:23:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:02 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:08 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:14 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:20 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:26 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:29 [myservername] packetfence[13694]: pfperl-api(1249) INFO: 
getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Aug 22 20:24:29 [myservername] packetfence[13693]: pfperl-api(1242) INFO: 
processed 0 security_events during security_event maintenance (1661199869.09285 
1661199869.0996)  (pf::security_event::security_event_mainte>Aug 22 20:24:29 
[myservername] packetfence[13693]: pfperl-api(1242) INFO: processed 0 
security_events during security_event maintenance (1661199869.10111 
1661199869.10295)  (pf::security_event::security_event_maint>Aug 22 20:24:29 
[myservername] packetfence[13696]: pfperl-api(1248) INFO: Using 300 resolution 
threshold (pf::pfcron::task::cluster_check::run)
Aug 22 20:24:29 [myservername] packetfence[13696]: pfperl-api(1248) INFO: All 
cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Aug 22 20:24:32 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:38 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:44 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:50 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:24:56 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:02 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:08 [myservername] packetfence_winbindd-wrapper[13632]: 
winbindd-wrapper(13632) WARN: [mac:[undef]] Re-registering [mydomain] 
(main::child_sighandler)
Aug 22 20:25:14 [myservername]

Re: [PacketFence-users] Radius VSA HPE-Port-MA-Port-Mode

2022-08-23 Thread peter--- via PacketFence-users 
Hi again,
I solved it myself. The value of


HPE-Port-MA-Port-Mode


Had to be “1”, for port-based.

Met vriendelijke groet,

Peter

Op 21 aug. 2022 om 14:58 heeft pe...@huizevrielink.eu het volgende geschreven:



Hello Everyone,


i am trying to use Radius filter engine to do a (merged)radius reply  with:
HP-Egress-Vlan-name "1blabla"
HPE-Port-MA-Port-Mode "Port-Based"


The vlan name part is working perfectly, but the HPE-Port-MA-Port-Mode isn't 
visible in the radius reply if i check audit log of that request.
As if PacketFence does not sent it
I use this VSA succesfully on Aruba clearpass to get the port to authenticate 1 
endpoint(the accesspoint). and after that trust the rest of the mac's.

The switch i use in this test setup is an Aruba 2930F

Thank you in advance!

Best Regards,

Peter Vrielink


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Adding Packet Fence to AD

2022-08-23 Thread Shaffer, David via PacketFence-users 
Good Afternoon:

I have installed from ISO a installation of PacketFence 11.2.  My base is 
AlmaLinux 8.6, a RHEL 8.x variant.  I performed a minimal server install 
without GUI, disabled the firewall and turned of SELinux.  I went through the 
initial install, everything worked fine until I tried to join to AD.

Are there other packages that need to be installed and enabled for PacketFence 
11.2 to communicate with Microsoft Active Directory?  And if so, are there 
other packages that I should also install and enable for other functionality in 
PacketFence that isn't specifically shown in the online documentation?

Finally, has anyone successfully replaced Cisco ISE with PacketFence and has 
some documentation that you are willing to share?

Thanks!

Dave





David A. Shaffer
Network and Data Center Administrator
HACC, Central Pennsylvania's Community College

Mailing Address: One HACC Drive, Harrisburg, PA 17110
Email: dasha...@hacc.edu
Telephone: 717-780-2511
Internal Extension: 212511

Website: www.hacc.edu

*

Our Purpose: Learning for all, learning for life

Effective May 23, 2022, HACC's campuses AND buildings will be open to all 
students, employees and the general public. This information is tentative and 
subject to change. Please visit 
hacc.edu/Coronavirus
 for more information.




To unsubscribe: email unsubscr...@hacc.edu with sender email address and 
subject.

This email and any files attached from HACC, Central Pennsylvania's Community 
College are confidential and intended solely for use by the individual or 
entity to whom addressed. If you have received this email in error please 
notify postmas...@hacc.edu This message may contain confidential information 
and is intended only for the individual named. If you are not the named 
addressee do not disseminate, distribute or copy this e-mail. Please notify the 
sender immediately by e-mail if you have received this e-mail by mistake and 
delete from your system. If you are not the intended recipient you are notified 
that disclosing, copying, distributing or taking any action in reliance on the 
contents of this information is strictly prohibited.
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users