Hello,
Sorry, last night I wrote a detailed post, but in the end I did not send it as I thought I was about to solve it… 1 hour later I restored the VMs, but the draft was gone by then.
External Windows Server AD
NS7:
Joined using LDAP - last night I tried to rejoin it as Active Directory (this was the idea when I discarded the previous draft of this post), but it failed when trying to connect to _ldap._tcp.ad.domain.tld, which I could not hack successfully in any way. I even tried with AdDns on the command line in "action":"remote-ad" (possibly I got another error then, I don’t remember), and even altering the joining script.
LDAP server URI: ldap://server.ad.domain.tld
STARTTLS: No
Base DN: OU=abc,DC=ad,DC=domain,DC=tld
User DN: OU=abc,DC=ad,DC=domain,DC=tld
Group DN: OU=abc,DC=ad,DC=domain,DC=tld
Bind DN: CN=xyz,OU=Service Accounts,OU=abc,DC=ad,DC=domain,DC=tld
Bind Password: 123456
Note: when I tried to install NS8 DokuWiki and got stuck due to translated group names on Windows Server, I added new admins and reorganized the groups, and OU=abc was introduced back then, so I updated these settings. I have checked: the default groups disappeared and the new ones appeared.
NS8:
server.ad.domain.tld:389
Schema: ad
Base DN: OU=abc,DC=ad,DC=domain,DC=tld
Bind DN: CN=xyz,OU=Service Accounts,OU=abc,DC=ad,DC=domain,DC=tld
Bind password: 123456
TLS: Disabled
TLS verify: Disabled
To me they look identical - I do not know if the LDAP/AD method makes a difference or not.
So I would like to debug it deeper to see the actual reason.
As I would need only mailing and Roundcube to be migrated, I also checked the migration script to get an idea of what should be done if I copied everything manually, but I am afraid to proceed due to all the permissions and the whole containerization.
Thank you for your help!