Accounts provider - Service Pack 1

Feature
,
17

Not a problem i will add test repo to my vm and we will see how it is working

2 Likes
18

Great news I’m going to test.

1 Like
19

Two issues have been already discovered:

  • the nsdc service fails to start after reboot, or restart

  • the remote LDAP probe procedure does not validate server/port combination - it always fall back to default values which do not make sense

1 Like
20

I’ve got a problem during installing nethserver-sssd from testing it does’nt works with my current nethserver-dc, so I had to do it like this:
yum update nethserver-sssd nethserver-dc

[edit]
Because i had allready a AD controller here on VM i had to unjoin it from the domain, from Software Center uninstall Account provider: Samba Active Directory and after that i have a posibility to go on :slight_smile:

2 Likes
21

Ok, question - fresh VM NethServer installation, updated, nethserver-testing added and i have screen like this

20170419_nethserver_accounts_provider.png855×775 73.1 KB

This is different from what @davidep has on his screenshots - did i miss something? or nethserver discovers that there is no domain controller at my network and that’s the reason why there is no option Became a DC of an existing domain?

1 Like
22

Still not implemented. Please wait :grin:

1 Like
23

aaah ok sorry about that…

24

Some (very) late info:
Accounts provider Samba Active Directory
Server name: JUPITER
IP: 192.168.16.250

  1. Successfully created test MYDOMAIN.LOCAL
  2. Successfully created GROUP1@MYDOMAIN.LOCAL
  3. Successfully created USER1@MYDOMAIN.LOCAL
  4. Added USER1 to GROUP1

Server name: VENUS (slave)
Accounts provider: remote OpenLDAP
Summary: nothing happens (?) - no users and groups after binding UNBIND possible

Joining to Samba AD not possible - error
My config:

nethserver_domain_accounts.png794×476 85.3 KB

Here is information about error - maybe I am doing something wrong

nethserver_accounts_provider.png915×585 72.3 KB

Windows 10 connected successfully - some corrections i have to made - first DNS pointing to AD controller

And here is Active Directory Users and Computers screen

active_directory_users_and_computers.png965×725 49.6 KB

  1. I am wondering why I cannot join another NS server to MYDOMAIN.LOCAL
  2. Only Administrator can use GPO and Active Directory Users and Computers
  3. created user dcadmin can log into Win10 without problems
  4. Administrator can log but using MYDOMAIN\Administrator as login

Not tested yet:

  1. joining Windows Server 2012 R2 to MYDOMAIN.LOCAL
  2. create domain in Windows Server
  3. join NS to WIndows Server domain

those i will try to test tommorrow.

log out :wink:

3 Likes
25

The AD administrator account is disabled in NethServer. You should use “admin”!

Do you think administrator should be enabled?

We decided to disable administrator because in NethServer the admin has always been admin. Also in ns6, to join a workstation to a NT domain we used admin. I understand that Windows sysadmins would prefer “administrator” though…

26

I have also tried to join domain as user admin and there was the same error message - i will try to do it once again later and give you feedback.

Correct me if I am wrong - i have enabled administrator account by giving password for him - therefore i was able to join Win10 to domain. I haven’t tested joining WinStation by using admin account but will also test it later.

27

That’s fine

Did you set a password for “admin”, too? A warning (yellow) reminder should appear in the Dashboard.

28

Yes i did - but i was wondering if i should point to original ip if this server which is 192.168.16.250 or to point to NDSC server which is 192.168.16.251 ?

29

It depends… what are you trying to do? what do you mean by point?

30

I want to join another Nethserver to existing Nethserver Samba AD

31

Please, review the new manual instructions (just merged in the “latest” branch):

http://docs.nethserver.org/en/latest/accounts.html#join-an-existing-active-directory-domain

Usually it is the IP address of an AD domain controller.

1 Like
32

thanks i will check it later (@night probably ;))

1 Like
33

We fixed the pending problems, everything is now rock solid! :smiley:

3 Likes
34

Wow guys - I don’t know what have you done but… everything is working just fine!
But… :wink:
(using nethserver-testing repo)

  1. After upgrading whole Samba DC broke down (using nethserver-testing)
  2. i have uninstalled it, unbridged network controller
  3. i have created the Samba AD once again (and activated only admin account)
  4. Successfuly connected secondary NS server to Samba AD (!)
  5. Successfuly connected Win10 to domain using admin account
  6. GPO and ADCaU working with admin account

everything is working even restarting ndsc - we can now throw away our MS servers :wink:

this regards nethserver-testing repo? if yes when do you plan to move it to stable release?

1 Like
35

A post was split to a new topic: Accounts provider update