Join NS8 to Windows 2025 Domain?

NethServer Version: 8

I try to join NS8 to a Windows 2025 AD but nothing works…

Do you know, is the join into a Windows 2025 Domain supported?

Sorry I don’t understand the question. To use an external LDAP db for NS8 users, refer to User domains — NS8 documentation.

M$ enabled LDAP signing by default on server 2025: https://techcommunity.microsoft.com/discussions/windowsserverinsiders/is-enforcing-ldap-signing-enabled-by-default-starting-with-windows-server-2025/4273680

You could try to change the policy as explained here: LDAP Authentication with Active Directory Windows Server 2025, bind fails | Netgate Forum

3 Likes

Hi, I use a Windows Server 2025 as a Domain Controller and would like to join NS8 into this AD…

Hi Markus, good to know, thank you for the link!

Just for testing I tried it also with a Windows Server 2022 but got the same error…

I would like to debug it on CLI, could you please give me a hint how to do it?

What error is it? Can you find it on the Logs page?

Strictly speaking, it is not a domain join operation; NS8 and its apps just connect, also with TLS, to an external LDAP db.

BTW I always get this error if I upload certs:

[image]

OK, got it with another way to generate the cert (with CLI…):

[image]

Thank you for your help!

1 Like

It’s a known bug that will be fixed in the coming weeks with the Traefik v3 release.

A custom certificate is not required to browse an external ldap db. If the AD ldap has no valid certificate (as often happens), it is possible to disable the certificate validation, as I see from your screenshot.

To solve your issue, did you change something on the Windows 2025 side?

No, I created a cert from CLI and uploaded it. After this I was able to connect to the AD with Port 636 but only without TLS verify…
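
For the CLI debugging asked about earlier in the thread, here is an added example (not posted by anyone in this thread and not part of NS8) that binds to the DC three ways and tells an enforced-signing rejection on port 389 apart from an untrusted certificate on port 636. It assumes OpenLDAP's `ldapsearch` is installed; the host name, bind account and password file in the usage line are placeholders.

```shell
#!/bin/sh
# Added example: compare a plain bind, a verified LDAPS bind and an
# unverified LDAPS bind against the same domain controller.

# Run one rootDSE query and print ldapsearch's exit status. That status is
# the LDAP result code (8 = strongerAuthRequired, 49 = invalidCredentials),
# or 255 when the TCP connection or the TLS handshake fails.
# $1 = URI, $2 = LDAPTLS_REQCERT value, $3 = bind DN or UPN,
# $4 = password file (must not end with a newline, -y reads it verbatim)
probe() {
    rc=0
    LDAPTLS_REQCERT="$2" ldapsearch -x -H "$1" -D "$3" -y "$4" \
        -o nettimeout=5 -b "" -s base defaultNamingContext \
        >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

# Turn the three exit codes into one finding.
# $1 = ldap:// (389), $2 = ldaps:// verified, $3 = ldaps:// unverified
diagnose() {
    case " $1 $2 $3 " in
        *" 49 "*) echo "bad-credentials"; return 0 ;;
    esac
    if [ "$2" = 0 ]; then
        echo "ldaps-verified"            # TLS and certificate chain both fine
    elif [ "$3" = 0 ]; then
        echo "ldaps-untrusted-cert"      # works only with validation off
    elif [ "$1" = 8 ]; then
        echo "signing-enforced-no-ldaps" # 389 refuses simple bind, 636 unusable
    elif [ "$1" = 0 ]; then
        echo "plain-bind-accepted"       # DC still allows unsigned simple binds
    else
        echo "unreachable-or-other"
    fi
}

# Usage (placeholders): sh ldap-probe.sh dc01.example.test 'svc@example.test' ./pw
if [ "$#" -eq 3 ]; then
    plain=$(probe "ldap://$1" demand "$2" "$3")
    strict=$(probe "ldaps://$1" demand "$2" "$3")
    loose=$(probe "ldaps://$1" never "$2" "$3")
    echo "ldap=$plain ldaps=$strict ldaps-noverify=$loose ->" \
         "$(diagnose "$plain" "$strict" "$loose")"
fi
```

The outcome described in the last post (port 636 works, but only without TLS verify) corresponds to `ldaps-untrusted-cert`: the host running the probe does not trust the CA that issued the DC certificate.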