I am trying to join my QNAP TS221 to my nethserver Domain with no success.
I was able to joint it once into the domain, but later the QNAP disks died and it was reinstalled.
nethserver is updated to the latest version: System version: NethServer release 7.6.1810 (final) Kernel release: 3.10.0-862.14.4.el7.x86_64
my domain account is: NetBIOS domain name: mydomain LDAP server: 192.168.10.31 LDAP server name: nsdc-dc.ad.mydomain.local Realm: AD.mydomain.LOCAL Bind Path: dc=AD,dc=mydomain,dc=LOCAL LDAP port: 389 Server time: Wed, 06 Feb 2019 15:48:47 IST KDC server: 192.168.10.31 Server time offset: 0 Last machine account password change: Mon, 06 Aug 2018 09:35:04 IDT
When I run it now, it will ask for, the following: Full DNS doamin name: I put: nsdc-dc.ad.mydomain.local NEBIOS domain name: I put MYDOMAIN
Primary DNS server: 192.168.10.31
on the next stage it will show me the Domain server it found: nsdc-dc.ad.mydomain.local,
I will add it to the the list, give an administrator user/password and click Join,
here I can see the problem, twice nsdc-dc.??
in the QNAP log I get the error: [Security mode] Failed to join domain. Cannot resolve domain. Check DNS server, AD servewr name and Domain.
What do I need to do to fix this?
Thanks
Eitan
Your full domain fqdn ist “ad.mydomain.tld” without nsdc-dc. It’s the domain fqdn, not the server fqdn.
What happens if you try to use the IP instead?
Administator Username is “administrator” with it’s password.
AFAIK this comes from MS-compatibility.
Nothing to de with this, but your machine seems not to be fully udated:
kernel 862.14 is one/two steps behind. subscrition kernel is 957.1, normal repo is 957.5
Can you ping this domain? If not, there’s a problem with DNS resolution.
Set the DNS to your NS, not to the nsdc.
If I read it corectly, the 192.168.10.31 is the nsdc.
Yes I can Ping the domain: **nsdc-dc.ad.mydomain.local _ad.mydomain.local__** - both replay with 192.168.10.31 dc.mydomain.local , that is the NS server name, replay with 192.168.10.30
Do you ping from qnap or NS?
The DNS server should be the 192.168.10.30, this is your NS-instance.
Above I saw the DNS set to 192.168.10.31, this is the IP of the nsdc-container.
It has been mentioned, but after you activated Samba4 AD accountprovider, you have to enable administrator and admin accounts by giving them a password.
When you join the domain, use either one of them. Root is a local account of the server and has no rights adding users or machines to the domain.
That is expected behaviour because ad.mydomain.local is the name of your domain, not your AD domain controller and dc.mydomain.local does not exist since your domain is ad.mydomain.local. NethServer is dc.ad.mydomain.local and the NSDC container where Samba4 AD resides is nsdc-dc.ad.mydomain.local.
If you think it is a DNS problem, make sure your clients use NS as DNS server to resolve ip addresses on your local LAN. If you think NS can’t resolve an IP address automagically, just add the IP address in NethServer DNS.