Join domain fails

ka.rot · March 16, 2017, 2:57pm

My Objective:
Nethserver, to be primarily used as domain controller AD and as fileserver

Some Parameters and Status achieved:
Windows 7 host 64bits:
IP 192.168.201.110
Nethserver is installed in Windows 7 host, Virtual Box, VM name:. server3. samba.local,
IP 192.168.201.140 (static IP)
nsdc-server3.samba.local is installed in Linux container and running
IP 192.168.201.141 (static IP)

Problem:
join candidate computer to domain fails
user: admin
Domain: samba and samba.local (both attempted)

Results:
user ID and password get interrogated and specified
cannot join domain “Network path was not found”

Investigations performed:
With CLI of nethserver:
• nslookup nsdc-server3.samba.local - > 192.168.201.141 i.e. ok
• nslookup-nsdc-server3.samba -> 192.168.201.141 i.e. ok
• ping nsdc-server3.samba.local -> ok
• ping nsdc-server3.samba -> ok
With CLI of Windows 7 host
• ping nsdc-server3.samba.local -> ok
• ping nsdc-server3.samba -> ok
simultaneous pings from various IP Addresses (nethserver 192.168.201.140 + at least 1 more from local network (192.168.201.0/24))
• ping results change periodically from sequences of good results (between 5 and 10 pings) to
• ping sequences with time out failure. (between 5 and 10 pings)
• Failures occurring everywhere simultaneously.

Questions:
• Is there a network instability with respect to nsdc-server3 or is this behaviour to be expected?
• Can I nevertheless expect good results, when trying to join the domain?
• What can I do?
• Can anybody help me?
Help would be very much appreciated.

Regards
Karl

davidep · March 16, 2017, 5:23pm

Hi @ka.rot, did you enable promiscuous mode in your virtualbox? Please see:

http://docs.nethserver.org/en/v7/accounts.html#installing-on-a-virtual-machine

To be sure the DC is reachable I usually run a port scanner against it.

ka.rot · March 16, 2017, 9:11pm

Hi Davide,

Thank you for your quick response.

Yes, Promiscuous Mode for the bridge is set to „Allow for all VM and the host“

I also did a port scan and got subsequent results, which may be ok

Then I used the port scanner running in Windows host to get some statistics about pings.

2 simultaneous pings different origins -> successful 100%

3 simultaneous pings different origins -> successful 33%

4 simultaneous pings different origins -> successful 30%

Besides, I measured the load on the Windows host

CPU load 2% not dependent on number of simultaneous pings

Memory load 50% not dependent on number of simultaneous pings

Many regards

Karl

asl · March 17, 2017, 7:37pm

Hello,

at least I can confirm, that NS7 works very well as AD in my installation. I did not try to run NS7 on Virtual Box, but running on Proxmox.
What might be important to join the domain on the Windows machine is the registry patch as noted in the docs (win7samba.reg). Without it you might fail to join the domain - for me it was mandatory (W2012).

Also here: http://community.nethserver.org/t/install-nethserver-as-ad-with-linux-and-windows-clients/866

davidep · March 17, 2017, 10:25pm

AFAIK registry patches are required to join an old NT-style Samba PDC (ns6). In Active Directory (ns7) domain they’re not needed.

asl · March 18, 2017, 7:09am

Maybe I mixed it up , because I started with version NS 6.8 before. Good to know!

ka.rot · March 18, 2017, 9:11am

Me too, I have a working configuration with 6.8. The application of the registry patch has not changed anything. The more testing I spend, the more likely it becomes that I am having a problem with the combination of the Linux Container for nsdc and Virtual Box. For example: I can only get the authentication request in periods of successful pings, whilest in periods of failing pings nothing happens. Another indication is, that answreing to the authentication request in periods of successful pings stops ping answers and leads to time out of pings. I am using Virtual Box Version 5.1.14r112924 (QT5.6.2). I have set promiscuous mode to “allow all VM and the host”. I cannot set promicsuous mode to “allow all”, because this choice is not being offered to me in my configuration. Therefore I may have to try upgrading of Virtual Box.
Regards Karl

ka.rot · March 22, 2017, 2:19pm

Meanwhile I have upgraded VirtualBox to Version 5.1.18r114002 (Qt5.6.2) but my problem persists. I am looking for help desparately.
Regards Karl

stephdl · March 25, 2017, 1:27am

Works well also with proxmox…install proxmox on the windows host and solve the bug number one