AD & VMware workstation

NethServer Version: 7.6.1810 “final”
Module: * nethserver-samba

Greetings to the whole community, I am new here.
I had problems with the installation of Nethserver to make an “active directory”. I spent from January 2 to January 5 trying to make the “active directory” work. It was very frustrating because I did not succeed.

Note that Windows 10 v1809 does not connect to the active directory and Kerio Control 9 does not connect my UTM Firewall server to the active directory.
The installation was made on a minimal installation of the most recent CentOS 7 (1810).
Virtualized in VMware Workstation Pro 14.1.5.
Create the bridge mode adapters:
enp6s0 <- LAN <- vnet3
enp4s0 <- WAN1 <- vnet0
enp4s1 <- WAN2 <- vnet2
wlp5s0 <- WLAN <- vnet4

Note ping lan with no problem to the base host and ping the ip of the active directory.
When a network adapter is enabled with the cable disconnected or without internet connection, the computer takes a long time to start and sometimes it never starts.

1 Like

Hi welcome to the community. Check dns as that can cause slowing of connecting pc to server, are you using dhcp via the nethserver? (I run active directory at a few clients one has 30 windows clients connecting each day no probs at all) :cry:. Do you get any errors when setting it up? I don’t use VMware as I prefer virtualbox but I will try it and see what happens, let me know if you have fixed it or not.

2 Likes

Check that link

Virtualbox must bridge its nic on br0 and you must trigger some network command, probably related also to vmware

1 Like

Hello, I will give an answer this Sunday, since the days on which I can do tests are non-working days.
The reason I use VMware Workstation Pro v14.1.5 is that it allows me to easily create virtual machines and configure network adapters in bridge mode.
I installed Nethserver on the physical host, not on the virtual machine.
I want to migrate from Zentyal Server Community to Nethserver.
Since Zentyal does not work well the installation of the graphical interface and nethserver if possible, which allows me to enable other functions since I have a computer of modest capacity.
And for the other reason that I use the VMware is to virtualize a host with a commercial distribution in Debian “Kerio Control 9” which is a UTM.
I did tests previously with the DHCP server from Kerio Control and it did not work. I tested with DHCP only from nethserver and it also does not work. I tested without a DHCP server, with only a non-transparent proxy, and it also does not find the hostname.
Doing nslookup does not get the domain name.

I must say I am quite confused and have trouble to understand what you are trying to accomplish.
AFAIK it shouldn’t matter if you use virtualized or physical servers. What @stephdl said: if you use virtualbox, you have to enable promiscuous mode on your interfaces to make networking work.

I don’t see what your UTM has to do with installing NethServer or moving from Zentyal to NethServer. It is just another device on your network. If the UTM can be added to an Active Directory environment, it should be possible to add it to a NethServer Samba4 AD domain too, but that is for later worries.

If you decide to use NethServer as your Active Directory server, I suggest you use DHCP on NethServer instead of your UTM.

Can you give a more detailed picture of how you set up your network, with the IP addresses and subnet(s) used? Also all network interfaces and bridges that are active?

2 Likes

Yep, to complete what @robb said

http://docs.nethserver.org/en/latest/accounts.html#installing-on-a-virtual-machine

1 Like

This is my scheme:

server.savidoca.com ============================= firewall.savidoca.com
static IP: 192.168.1.2 enp6s0 <== bridge ==> vmnet3 static IP: 192.168.1.1
dynamic IP: DHCP enp4s0 <== bridge ==> vmnet0 dynamic IP: 200.xxx.xxx.xxx (DHCP)
dynamic IP: DHCP enp4s1 <== bridge ==> vmnet2 dynamic IP: 190.xxx.xxx.xxx (DHCP)
dynamic IP: DHCP wlp5s0 <== bridge ==> vmnet4 static IP: 192.168.137.1

I think you are making this more complex than it needs to be. From a workstation, can you ping the nethserver box? Forget the UTM for now. If you are running VMware Workstation on a Windows box, please disable the Windows firewall; also check the firewall on any Linux version you are running VMware Workstation on. This doesn’t seem like a nethserver issue. Try to keep your responses as clear as possible, please.

1 Like

Yes, you can ping nethserver from a workstation, both the address 192.168.1.2 and 192.168.1.3.
I have Internet connection thanks to the 192.168.1.1 gateway and also ping.
You can access the nethserver panel without problems.
But I cannot connect any workstation to the active directory created.
nslookup cannot find the created domain: savidoca.com
I did not have this problem with zentyal, since I’m currently using it but I want to switch to nethserver.
Neither deactivated the windows firewall of the workstations, nor the firewall of centos of the server, nor the firewall of vmware, does not connect to the active directory to unite the workstations.

Have a look at this thread: Howto install NethServer as Samba AD domain controller v0.2

1 Like

Thank you very much mandcsharma, some steps of the installation I complied with in this guide, except that install nethserver by repository, the part of configuring the static network I skipped it during the installation of the operating system and configure it at the end of updating nethserver.
Also do not configure the certificate, I think that is what is missing.

This weekend I do the tests.

1 Like

Hi.
I already did the test installing the system again.
This time I did the test with a TP-LINK TD-W8970 router without DHCP Server on the router. enabling in DHCP Server with adapter br0.
Do not install VMware.
I do not know if it is necessary to configure it in DNS Server, since also the equipment to connect to the Active Directory does not connect.
nslookup can not find the domain.

In view of the fact that the active directory and domain controller could not be operated, I say goodbye, because for reasons of time I cannot continue testing. You can close this topic.

Sorry it did not work but did your client machines use Nethserver as DNS and DHCP server?

1 Like

Yes, I enable the DHCP Server with the br0 adapter and the DNS server, I see that by default it does not add the domain name when an active directory is implemented, which is added manually with the domain name and IP address.
I did the test with a computer just installed the Windows 10 v1809 to join it to the domain and it does not connect.

Important is that the Windows 10 client uses Nethserver as DNS. Then the AD domain should be resolvable.
Here are commands to get information about your config, please post the relevant output:

account-provider-test dump
systemctl status nsdc -l
systemctl status -M nsdc samba
journalctl -M nsdc -u samba
config show dns
config show nsdc
config show sssd

Another thread about AD and virtualization:

2 Likes
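
A check for the point made in the post above, that the client must use Nethserver as DNS for the AD domain to resolve. This is an added example, not from the thread or the NethServer project: it asks one named DNS server for the SRV records a Windows client looks up when joining a domain. It assumes `dig` (bind-utils) is installed; the script name, function names and sample hostname are made up here.

```shell
#!/bin/sh
# Added example; the sample hostname below is constructed.

# SRV names a Windows client's DC locator and Kerberos need for a domain join.
ad_srv_names() {
    printf '%s\n' \
        "_ldap._tcp.dc._msdcs.$1" \
        "_ldap._tcp.$1" \
        "_kerberos._tcp.$1" \
        "_kerberos._udp.$1"
}

# Reduce `dig +short SRV` output ("priority weight port target.") to host:port,
# dropping dig's ";; ..." error lines so a timeout counts as "no record".
srv_targets() {
    awk '!/^;/ && NF == 4 && $3 ~ /^[0-9]+$/ { sub(/\.$/, "", $4); print $4 ":" $3 }'
}

# Ask one specific DNS server for each record; return 1 if any is missing.
check_ad_dns() {
    domain=$1; server=$2; rc=0
    for name in $(ad_srv_names "$domain"); do
        targets=$(dig +short +time=2 +tries=1 "@$server" "$name" SRV | srv_targets)
        if [ -n "$targets" ]; then
            echo "OK      $name -> $(echo $targets)"
        else
            echo "MISSING $name (asked $server)"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample of one `dig +short SRV` answer line (hostname is made up).
SAMPLE_DIG_OUTPUT='0 100 389 nsdc-server.savidoca.com.'

if [ "$#" -eq 2 ]; then
    check_ad_dns "$1" "$2"      # e.g. sh check_ad_dns.sh savidoca.com <dns-server-ip>
else
    printf '%s\n' "$SAMPLE_DIG_OUTPUT" | srv_targets
fi
```

Run it against the address the Windows client lists as its DNS server; any MISSING line means that server does not answer for the AD domain, which matches an nslookup that cannot find it.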

It’s important that your DNS and DHCP is the nethserver box. I have tried to recreate this issue and using the nethserver as DNS and DHCP I am able to connect a windows 10 pc. Sorry you are having so many issues.

1 Like