Re: [PacketFence-users] domain trouble shooting commands fail
Fabrice, If I understand your question, yes, there are several winbind processes running: root 7006 14.0 0.2 430736 182228 ? Ss 14:17 0:04 winbindd-wrapper root 8653 0.0 0.0 52120 3680 ?S14:18 0:00 sudo chroot /chroots/PUCAD /usr/sbin/winbindd -s /etc/samba/PUCAD.conf -l /var/log/sambaPUCAD --foreground root 8654 0.0 0.0 243960 7776 ?R14:18 0:00 /usr/sbin/winbindd -s /etc/samba/PUCAD.conf -l /var/log/sambaPUCAD --foreground And in the PF management web portal, Status > Services indicates that winbindd is started. Jon -Original Message- From: Fabrice Durand via PacketFence-users [mailto:packetfence-users@lists.sourceforge.net] Sent: Wednesday, August 30, 2017 5:48 AM To: packetfence-users@lists.sourceforge.net Cc: Fabrice Durand <fdur...@inverse.ca> Subject: Re: [PacketFence-users] domain trouble shooting commands fail Hello Jon, does winbind run ? Regards Fabrice Le 2017-08-28 à 23:19, Jon Falconer via PacketFence-users a écrit : > Greetings all, > > I have done a fresh install of Packet Fence 7.2.0, and in configuring it, > have setup an Active Directory domain join. Packet Fence seems to think that > the domain join succeeded since it says "Test join succeed!" for the domain > (the only domain) configured on the Configuration > Policies and Access > Control > Active Directory Domains page. However, when I run the trouble > shooting commands listed on page 34 of the Administration Guide for version > 7.2.0, I get the following results: > > root@pf2:/etc/samba# chroot /chroots/PUCAD/ wbinfo -u could not obtain > winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE could not > obtain winbind domain name! > Error looking up domain users > root@pf2:/etc/samba# > > root@pf2:/etc/samba# chroot /chroots/PUCAD/ ntlm_auth > --username=joetest > Password: > could not obtain winbind separator! > Reading winbind reply failed! (0x01) > : (0x0) > root@pf2:/etc/samba# > > This is all running on Debian 8 with all updates as of mid August 2017. > > ---domain.conf--- > root@pf2:/usr/local/pf/conf# cat domain.conf [PUCAD] > ntlm_cache_filter=(&(samAccountName=*)(!(|(lockoutTime=>0)(userAccount > Control:1.2.840.113556.1.4.803:=2 > registration=0 > sticky_dc=10.xxx.yyy.zzz > ou=Computers > ntlm_cache_batch_one_at_a_time=disabled > ad_server=10. xxx.yyy.zzz > dns_name=puc.edu > ntlm_cache_expiry=3600 > bind_dn= > workgroup=PUC > ntlm_cache_batch=disabled > bind_pass= > ntlm_cache=disabled > server_name=%h > ntlm_cache_on_connection=disabled > dns_servers=10. xxx.yyy.zzz > root@pf2:/usr/local/pf/conf# > > > -realm.conf--- > root@pf2:/usr/local/pf/conf# cat realm.conf [DEFAULT] > source=PUC_AD1 > domain=PUCAD > options=strip > root@pf2:/usr/local/pf/conf# > > > Any other info needed to diagnose this problem? > > Thanks, > > Jon > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! > https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsdm.link%2Fslashdot=02%7C01%7Cjfalconer%40puc.edu%7C986a026b105a489dacdd08d4efa5536e%7Ca0c272d027684743b621bdb1af3751ef%7C1%7C0%7C636396940739225280=8ljS1cIJ6wmaC985b1EOaEv90ug8bT6GmA3u0DJK684%3D=0 > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2Fpacketfence-users=02%7C01%7Cjfalconer%40puc.edu%7C986a026b105a489dacdd08d4efa5536e%7Ca0c272d027684743b621bdb1af3751ef%7C1%7C0%7C636396940739225280=kqIQHKlnWvj6wk%2Feko6qvhW1wd0WQzIG4FQtDltmWss%3D=0 -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: https://na01.safelinks.protection.outlook.com/?url=www.inverse.ca=02%7C01%7Cjfalconer%40puc.edu%7C986a026b105a489dacdd08d4efa5536e%7Ca0c272d027684743b621bdb1af3751ef%7C1%7C0%7C636396940739225280=IZnRk1XgfdLNl15wral7gZqTyko%2FvcQZSW7SKNQbFlQ%3D=0 Inverse inc. :: Leaders behind SOGo (https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.sogo.nu=02%7C01%7Cjfalconer%40puc.edu%7C986a026b105a489dacdd08d4efa5536e%7Ca0c272d027684743b621bdb1af3751ef%7C1%7C0%7C636396940739225280=tgMRPTQ4HjuBsnXeKzMZEIT7jJnSz162qtUlxuhQeTA%3D=0) and PacketFence (https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fpacketfence.org=02%7C01%7Cjfalconer%40puc.edu%7C986a026b105a489dacdd08d4efa5536e%7Ca0c272d027684743b621bdb1af3751ef%7C1%7C0%7C636396940739225280=4NefNxTz3UvQoQS%2Bgm4zH4nks5A2X3hN9yaXyWwEs2Y%3D=0)
Re: [PacketFence-users] domain trouble shooting commands fail
Hello Jon, does winbind run ? Regards Fabrice Le 2017-08-28 à 23:19, Jon Falconer via PacketFence-users a écrit : > Greetings all, > > I have done a fresh install of Packet Fence 7.2.0, and in configuring it, > have setup an Active Directory domain join. Packet Fence seems to think that > the domain join succeeded since it says "Test join succeed!" for the domain > (the only domain) configured on the Configuration > Policies and Access > Control > Active Directory Domains page. However, when I run the trouble > shooting commands listed on page 34 of the Administration Guide for version > 7.2.0, I get the following results: > > root@pf2:/etc/samba# chroot /chroots/PUCAD/ wbinfo -u > could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE > could not obtain winbind domain name! > Error looking up domain users > root@pf2:/etc/samba# > > root@pf2:/etc/samba# chroot /chroots/PUCAD/ ntlm_auth --username=joetest > Password: > could not obtain winbind separator! > Reading winbind reply failed! (0x01) > : (0x0) > root@pf2:/etc/samba# > > This is all running on Debian 8 with all updates as of mid August 2017. > > ---domain.conf--- > root@pf2:/usr/local/pf/conf# cat domain.conf > [PUCAD] > ntlm_cache_filter=(&(samAccountName=*)(!(|(lockoutTime=>0)(userAccountControl:1.2.840.113556.1.4.803:=2 > registration=0 > sticky_dc=10.xxx.yyy.zzz > ou=Computers > ntlm_cache_batch_one_at_a_time=disabled > ad_server=10. xxx.yyy.zzz > dns_name=puc.edu > ntlm_cache_expiry=3600 > bind_dn= > workgroup=PUC > ntlm_cache_batch=disabled > bind_pass= > ntlm_cache=disabled > server_name=%h > ntlm_cache_on_connection=disabled > dns_servers=10. xxx.yyy.zzz > root@pf2:/usr/local/pf/conf# > > > -realm.conf--- > root@pf2:/usr/local/pf/conf# cat realm.conf > [DEFAULT] > source=PUC_AD1 > domain=PUCAD > options=strip > root@pf2:/usr/local/pf/conf# > > > Any other info needed to diagnose this problem? > > Thanks, > > Jon > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] domain trouble shooting commands fail
Greetings all, I have done a fresh install of Packet Fence 7.2.0, and in configuring it, have setup an Active Directory domain join. Packet Fence seems to think that the domain join succeeded since it says "Test join succeed!" for the domain (the only domain) configured on the Configuration > Policies and Access Control > Active Directory Domains page. However, when I run the trouble shooting commands listed on page 34 of the Administration Guide for version 7.2.0, I get the following results: root@pf2:/etc/samba# chroot /chroots/PUCAD/ wbinfo -u could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE could not obtain winbind domain name! Error looking up domain users root@pf2:/etc/samba# root@pf2:/etc/samba# chroot /chroots/PUCAD/ ntlm_auth --username=joetest Password: could not obtain winbind separator! Reading winbind reply failed! (0x01) : (0x0) root@pf2:/etc/samba# This is all running on Debian 8 with all updates as of mid August 2017. ---domain.conf--- root@pf2:/usr/local/pf/conf# cat domain.conf [PUCAD] ntlm_cache_filter=(&(samAccountName=*)(!(|(lockoutTime=>0)(userAccountControl:1.2.840.113556.1.4.803:=2 registration=0 sticky_dc=10.xxx.yyy.zzz ou=Computers ntlm_cache_batch_one_at_a_time=disabled ad_server=10. xxx.yyy.zzz dns_name=puc.edu ntlm_cache_expiry=3600 bind_dn= workgroup=PUC ntlm_cache_batch=disabled bind_pass= ntlm_cache=disabled server_name=%h ntlm_cache_on_connection=disabled dns_servers=10. xxx.yyy.zzz root@pf2:/usr/local/pf/conf# -realm.conf--- root@pf2:/usr/local/pf/conf# cat realm.conf [DEFAULT] source=PUC_AD1 domain=PUCAD options=strip root@pf2:/usr/local/pf/conf# Any other info needed to diagnose this problem? Thanks, Jon -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users