We can open a new bug now… 
/cc @quality_team
She’s a lucky wife 
3 Likes
We have two new packages on nethserver-testing!
Who wants to give’em a try? /cc @quality_team
Before pressing “START DC”:
yum --enablerepo=nethserver-testing update nethserver-sssd nethserver-dc
Also the join to a remote Active Directory would be very appreciated…
3 Likes
Will try it after lunch. Will do a clean install.
3 Likes
Log files seems to be OK. Perhaps we need some UI tweaks too…
Hi, I’m testing these new packages, how do I make NS7b2 member of an AD Controller?
Thanks,
Neither nethserver-directory, nor nethserver-dc have to be installed in this scenario.
- Go to Users and Groups page
- Select “Active Directory” and enter the AD DNS IP address
Thanks @davidep , all resolved now.
I´m now testing the server as member of an Active Directory domain. This is with the beta packages.
All working good.
Best regards,
Just uploaded a new nethserver-dc package on nethserver-testing. It should fix your issue.
nethserver-dc-1.0.5-1.2.gd1b3790.ns7.x86_64.rpm
1 Like
Hey @davidep you are the man!!!
I had to do a factory reset and now the administrator was created and I can create a user.
Also goups can be created and user can be added.
And also it works to add the user with the group directly.
No errors in messages.log
Oct 3 18:01:22 ns7test esmith::event[4543]: Event: user-create user1 Testuser 1 /usr/libexec/openssh/sftp-server
Oct 3 18:01:22 ns7test sshd[4559]: Did not receive identification string from 66.240.213.93
Oct 3 18:01:22 ns7test esmith::event[4543]: User ‘user1’ created successfully
Oct 3 18:01:22 ns7test esmith::event[4543]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.4341]
Oct 3 18:01:22 ns7test esmith::event[4543]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.108069]
Oct 3 18:01:22 ns7test esmith::event[4543]: Event: user-create SUCCESS
Oct 3 18:01:22 ns7test esmith::event[4569]: Event: password-policy-update user1 no
Oct 3 18:01:23 ns7test esmith::event[4569]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.127781]
Oct 3 18:01:23 ns7test esmith::event[4569]: Expiry for user ‘user1’ disabled.
Oct 3 18:01:23 ns7test esmith::event[4569]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.488785]
Oct 3 18:01:23 ns7test esmith::event[4569]: Event: password-policy-update SUCCESS
Oct 3 18:01:23 ns7test esmith::event[4590]: Event: password-modify user1@verylongnametestns7.lan /tmp/ng-9Gj5nP
Oct 3 18:01:23 ns7test esmith::event[4590]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.004203]
Oct 3 18:01:23 ns7test esmith::event[4590]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword user1
Oct 3 18:01:23 ns7test esmith::event[4590]: New Password:
Oct 3 18:01:24 ns7test esmith::event[4590]: Changed password OK
Oct 3 18:01:24 ns7test esmith::event[4590]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [0.404662]
Oct 3 18:01:24 ns7test esmith::event[4590]: Enabled user ‘user1’
Oct 3 18:01:24 ns7test esmith::event[4590]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [0.36365]
Oct 3 18:01:24 ns7test esmith::event[4590]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.020477]
Oct 3 18:01:24 ns7test esmith::event[4590]: Event: password-modify SUCCESS
Oct 3 18:01:41 ns7test httpd: [NOTICE] NethServer\Tool\ChangePassword: root is changing password to SomeoneElse (administrator@verylongnametestns7.lan). Members of the adm group have no restriction (score = 1.00)
Oct 3 18:01:41 ns7test esmith::event[4642]: Event: password-modify administrator@verylongnametestns7.lan /tmp/ng-2VBwpO
Oct 3 18:01:41 ns7test esmith::event[4642]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.003263]
Oct 3 18:01:41 ns7test esmith::event[4642]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword administrator
Oct 3 18:01:41 ns7test esmith::event[4642]: New Password:
Oct 3 18:01:42 ns7test esmith::event[4642]: Changed password OK
Oct 3 18:01:42 ns7test esmith::event[4642]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [0.415736]
Oct 3 18:01:42 ns7test esmith::event[4642]: Enabled user ‘administrator’
Oct 3 18:01:42 ns7test esmith::event[4642]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [0.377704]
Oct 3 18:01:42 ns7test esmith::event[4642]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.010182]
Oct 3 18:01:42 ns7test esmith::event[4642]: Event: password-modify SUCCESS
Oct 3 18:03:19 ns7test chronyd[3045]: Selected source 212.186.250.154
Oct 3 18:04:27 ns7test esmith::event[4716]: Event: group-create testgroup user1
Oct 3 18:04:27 ns7test esmith::event[4716]: Added group testgroup
Oct 3 18:04:28 ns7test esmith::event[4716]: Added members to group testgroup
Oct 3 18:04:28 ns7test esmith::event[4716]: Action: /etc/e-smith/events/group-create/S40nethserver-dc-group-create SUCCESS [0.774969]
Oct 3 18:04:28 ns7test esmith::event[4716]: Action: /etc/e-smith/events/group-create/S90nethserver-sssd-clear-cache SUCCESS [0.071535]
Oct 3 18:04:28 ns7test esmith::event[4716]: Event: group-create SUCCESS
Oct 3 18:07:08 ns7test esmith::event[4875]: Event: user-create user2 Testuser 2 /bin/bash
Oct 3 18:07:08 ns7test esmith::event[4875]: User ‘user2’ created successfully
Oct 3 18:07:08 ns7test esmith::event[4875]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.433983]
Oct 3 18:07:08 ns7test esmith::event[4875]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.091715]
Oct 3 18:07:08 ns7test esmith::event[4875]: Event: user-create SUCCESS
Oct 3 18:07:09 ns7test esmith::event[4901]: Event: group-modify testgroup@verylongnametestns7.lan user1 domain guests guest user2
Oct 3 18:07:10 ns7test esmith::event[4901]: Added members to group testgroup
Oct 3 18:07:10 ns7test esmith::event[4901]: Action: /etc/e-smith/events/group-modify/S40nethserver-dc-group-modify SUCCESS [0.793831]
Oct 3 18:07:10 ns7test esmith::event[4901]: Action: /etc/e-smith/events/group-modify/S90nethserver-sssd-clear-cache SUCCESS [0.077216]
Oct 3 18:07:10 ns7test esmith::event[4901]: Event: group-modify SUCCESS
Oct 3 18:07:10 ns7test esmith::event[4937]: Event: password-policy-update user2 yes
Oct 3 18:07:10 ns7test esmith::event[4937]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.108905]
Oct 3 18:07:10 ns7test esmith::event[4937]: Expiry for user ‘user2’ set to 180 days.
Oct 3 18:07:10 ns7test esmith::event[4937]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.512142]
Oct 3 18:07:10 ns7test esmith::event[4937]: Event: password-policy-update SUCCESS
Oct 3 18:07:11 ns7test esmith::event[4958]: Event: password-modify user2@verylongnametestns7.lan /tmp/ng-vtPLbK
Oct 3 18:07:11 ns7test esmith::event[4958]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.003443]
Oct 3 18:07:11 ns7test esmith::event[4958]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword user2
Oct 3 18:07:11 ns7test esmith::event[4958]: New Password:
Oct 3 18:07:11 ns7test esmith::event[4958]: Changed password OK
Oct 3 18:07:11 ns7test esmith::event[4958]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [0.402442]
Oct 3 18:07:11 ns7test esmith::event[4958]: Enabled user ‘user2’
Oct 3 18:07:11 ns7test esmith::event[4958]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [0.360428]
Oct 3 18:07:11 ns7test esmith::event[4958]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.0112]
Oct 3 18:07:11 ns7test esmith::event[4958]: Event: password-modify SUCCESS
Congratulations , I think you did it! 
Should we test what happens if verylongname.verylongname.verylongname is given as domain? 
2 Likes
On this latest one, I´m getting permissions errors:
- On the GUI
Task completed with errors
S20nethserver-ibays-set-permissions #2 (exit status 256)
On logs:
Oct 3 14:21:03 smart esmith::event[14141]: Action: /etc/e-smith/events/ibay-reset-permissions/S30nethserver-ibays-copy-permissions SUCCESS [0.04142]
Oct 3 14:21:03 smart esmith::event[14141]: Event: ibay-reset-permissions FAILED
1 Like
Isn’t this a limitation of NetBIOS? According to MS convention, a NetBIOS name consists of 16 characters. 15 for the name and the 16th is used as suffix. So this netbiosverylongnameforns7beta2 is not a valid netbiosname.
Since Samba4 is a copy of MS Active Directory, which in turn (still) uses NetBIOS protocol (over tcp/ip) My gut feeling tells me that you are bound to a max of 15 characters for your NetBIOS name.
https://support.microsoft.com/en-us/kb/188997
Yes, you got it. @davidep figured it out and corrected it that way, that to long names are truncated. We test the the behavior with intentionally given names, that doesn’t match that convention. To make NS some kind of foolsave. (Does this word exist in english? 
)
1 Like
I think the correct english word is foolproof… 
1 Like
Hi
I know this is old and would appear to be resolved but I am getting the “Account provider connection refused” and no listing of users. We have 20 characters in the domain name with the “nsdc-srv” preceding the actual domain name of 12 characters (not counting the periods)
It was OK initially but then stopped.
systemctl -M nsdc status samba-provision.service
● samba-provision.service - Domain controller provisioning
Loaded: loaded (/etc/systemd/system/samba-provision.service; enabled; vendor preset: disabled)
Active: inactive (dead)
Condition: start condition failed at Sat 2017-04-15 07:34:24 AEST; 1s ago
ConditionPathExists=!/var/lib/samba/private/krb5.conf was not met
cat /var/lib/samba/private/krb5.conf
[libdefaults]
default_realm = COMPSOS.COM.AU
dns_lookup_realm = false
dns_lookup_kdc = true
NS 7 fully updated
nethserver-dc-1.1-3-1.ns7.x86_64
Is it the max characters or am I looking in the wrong place? thanks.
I think your issue is not related to this topic. The realm and host names looks good.
See this one instead:
Please see in your logs if you have similar symptoms!
Also, feel free to open a new Support topic!