Domain Accounts Error

Good evening!

So, I have NS6.8 up and running without too many issues. I was never able to get the mail sites to authenticate against my AD domain. I gave up on that and went with local users.

I spun up a new NS7.2 Alpha3 machine since it includes Samba4 and was happy to see Domain Accounts. I clicked it, input the IP address of one of my DCs, authenticated successfully, and thought all was in harmony. Upon going back to that Domain Accounts link, I get the attached error.

I’ve confirmed that both of my domain controllers are listed on the DNS page and I can successfully ping them from the command line.

Any help is greatly appreciated!

Could you attach any relevant log line from /var/log/messages?

Same here. It looks like NethServer doesn’t let you reset or change the domain accounts configuration after it is saved and refreshed.

This was the only relevant log I could find. Please be aware that I inputted a different account for the domain join. It was not ‘Administrator’. Now the web interface does not offer me the option to change the configuration.

Aug 25 09:04:52 Telma systemd: Started Authorization Manager.
Aug 25 09:04:52 Telma realmd: * Resolving: _ldap._tcp.hyrule.synthrealm.net
Aug 25 09:04:52 Telma realmd: * Performing LDAP DSE lookup on: 192.168.2.10
Aug 25 09:04:52 Telma realmd: * Performing LDAP DSE lookup on: 192.168.2.1
Aug 25 09:04:52 Telma realmd: * Performing LDAP DSE lookup on: ::1
Aug 25 09:04:52 Telma realmd: ! Can't contact LDAP server
Aug 25 09:04:52 Telma realmd: * Successfully discovered: hyrule.synthrealm.net
Aug 25 09:04:52 Telma realmd: * Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
Aug 25 09:04:52 Telma realmd: * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.O3ZIMY -U Administrator ads join hyrule.synthrealm.net
Aug 25 09:04:58 Telma realmd: Enter Administrator's password:
Aug 25 09:04:58 Telma realmd: Failed to join domain: failed to lookup DC info for domain 'hyrule.synthrealm.net' over rpc: Logon failure
Aug 25 09:04:59 Telma httpd: [ERROR] [ERROR] exit code from realm join operation is 1
Aug 25 09:04:59 Telma realmd: ! The Administrator account, password, or credentials are invalid
Aug 25 09:04:59 Telma httpd: Password for Administrator:
Aug 25 09:05:19 Telma realmd: * Resolving: _ldap._tcp.hyrule.synthrealm.net
Aug 25 09:05:19 Telma realmd: * Performing LDAP DSE lookup on: 192.168.2.10
Aug 25 09:05:19 Telma realmd: * Performing LDAP DSE lookup on: 192.168.2.1
Aug 25 09:05:19 Telma realmd: * Performing LDAP DSE lookup on: ::1
Aug 25 09:05:19 Telma realmd: ! Can't contact LDAP server
Aug 25 09:05:19 Telma realmd: * Successfully discovered: hyrule.synthrealm.net
Aug 25 09:05:19 Telma realmd: * Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
Aug 25 09:05:19 Telma realmd: * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.UD4KMY -U Administrator ads join hyrule.synthrealm.net
Aug 25 09:05:25 Telma realmd: Enter Administrator's password:
Aug 25 09:05:25 Telma realmd: Failed to join domain: failed to lookup DC info for domain 'hyrule.synthrealm.net' over rpc: Logon failure

This is a design choice. Once a domain is picked it cannot be changed. To re-install the nsdc container manually, please see

http://docs.nethserver.org/projects/nethserver-devel/en/v7b/nethserver-dc.html#factory-reset

The Samba Active Directory has only the “administrator” account, after installation.

Are you attempting to join a remote Active Directory domain?

Correct, I am trying to join an existing AD domain.

Could you provide more information about it? Which version?

From the attached log I see this line repeating: Can't contact LDAP server. Can you resolve the DNS SRV record _ldap._tcp.hyrule.synthrealm.net?

Try the following command:

host -t SRV _ldap._tcp.hyrule.synthrealm.net
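As an added example (not part of the original thread and not NethServer code), this Python script groups the realmd lines from the log posted above into join attempts, separates the LDAP reachability error from the credential failure, and surfaces the account that was actually passed to `net ads join`. The sample lines are copied from the log in this thread; the function name `parse_attempts` and the error labels are hypothetical.

```python
import re

# Sample lines copied from the log posted in this thread (first join attempt).
SAMPLE = """\
Aug 25 09:04:52 Telma realmd: * Resolving: _ldap._tcp.hyrule.synthrealm.net
Aug 25 09:04:52 Telma realmd: * Performing LDAP DSE lookup on: 192.168.2.10
Aug 25 09:04:52 Telma realmd: * Performing LDAP DSE lookup on: 192.168.2.1
Aug 25 09:04:52 Telma realmd: * Performing LDAP DSE lookup on: ::1
Aug 25 09:04:52 Telma realmd: ! Can't contact LDAP server
Aug 25 09:04:52 Telma realmd: * Successfully discovered: hyrule.synthrealm.net
Aug 25 09:04:52 Telma realmd: * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.O3ZIMY -U Administrator ads join hyrule.synthrealm.net
Aug 25 09:04:58 Telma realmd: Failed to join domain: failed to lookup DC info for domain 'hyrule.synthrealm.net' over rpc: Logon failure
Aug 25 09:04:59 Telma realmd: ! The Administrator account, password, or credentials are invalid
"""

# Syslog prefix, then realmd's optional "* " (info) or "! " (error) marker.
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]+ \S+ realmd: (?:[*!] )?(.*)$")

def parse_attempts(text):
    """Group realmd lines into join attempts; each starts at 'Resolving:'."""
    attempts = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip httpd, systemd and other non-realmd lines
        msg = m.group(1)
        if msg.startswith("Resolving: "):
            attempts.append({"srv": msg.split(": ", 1)[1], "probed": [],
                             "join_user": None, "errors": []})
        if not attempts:
            continue
        cur = attempts[-1]
        if msg.startswith("Performing LDAP DSE lookup on: "):
            cur["probed"].append(msg.split(": ", 1)[1])
        elif "Can't contact LDAP server" in msg:
            cur["errors"].append("ldap_unreachable")
        elif " ads join " in msg:
            user = re.search(r"-U (\S+)", msg)
            cur["join_user"] = user.group(1) if user else None
        elif "Logon failure" in msg or "credentials are invalid" in msg:
            if "bad_credentials" not in cur["errors"]:
                cur["errors"].append("bad_credentials")
    return attempts

if __name__ == "__main__":
    for attempt in parse_attempts(SAMPLE):
        print(attempt)
```

On the sample, the single attempt shows three probed addresses, `Administrator` as the join account, and both an LDAP reachability error and a credential failure.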