LDAP and Active Directory


(jrohland) #1

I am trying to get my install connected to Windows 08 Server AD, but so far I have been unsuccessful. I have authenticated to the controller when trying to add the server, and the server does add, as it's in the Computers container. The issue I seem to have is that users are not being populated on the NethServer side from AD. I am using the following syntax:

realm:lab.local
domain:lab
ldap accounts branch:cn=users,ou=test

So after adding, reviewed Email Addresses, nothing shows within the list.

Still learning NethServer, any assistance would be great.

Thanks.

I have also tested with cn=users


(Alessio Fattorini) #2

Did you receive an error during the configuration? Which error?
Try to log in to webmail or SOGo using AD credentials.
Can you paste here a screenshot of the set command on a Windows machine already joined to AD?
Also paste the LDAP tree on AD.


(jrohland) #3

No error was given. It asked for creds, and I put in the AD admin and password.

See the following screenshots:


(jrohland) #4

What I have found is that, after joining the AD server, trying to add a new user with the same name as one which is already in AD causes an error stating that the user exists. I am new to the product NethServer; I would assume that NethServer would read from the OU on the AD server and populate the list of users with the users which already exist. Now this could be my assumption as far as how it would or should work.

Please let me know if I am off track on how this should be working.

Thanks.


(Alessio Fattorini) #5

Have you tried to log in to SOGo or roundcubemail with AD credentials? Please try.


(Gilberto Ribeiro) #6

Hello,

I’m having a similar problem.

I was able to join my NethServer to the domain, but the users list is empty and I cannot add domain users to a Samba ACL.

If I log on to NethServer using a domain account and fill in the First and Last name fields, that particular account is added to the users list, and I can add it to an ACL.

Is there a way to add all my 2000+ Active Directory accounts to the users list?

Thanks in advance.

GAR


(Alessio Fattorini) #7

Unfortunately, at the moment, after a successful join to AD you don’t have any clear feedback.

You’re right, you can’t see this list in the web UI, only by using
getent passwd

Right, it’s not possible, since you can’t create a user that already exists on the AD side.

From my point of view, showing the output of these commands on the “Network Windows panel” could be enough:
getent passwd
wbinfo -u
wbinfo -g
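
The check described in the last post, as an added example that is not part of the thread or of NethServer's own code: it compares saved output of `wbinfo -u` with saved output of `getent passwd` and lists accounts that winbind enumerates but NSS does not return. The function names, file names and the sample data (using the `LAB` domain from the first post) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list accounts that winbind enumerates but NSS does not
# return. Inputs are files holding saved output of `wbinfo -u` and
# `getent passwd`; names are compared lower-cased, DOMAIN\ prefix removed.
# Note: getent passwd lists domain accounts only when winbind user
# enumeration is enabled in smb.conf.

LC_ALL=C; export LC_ALL   # same collation for sort and comm

normalize() {
    # Strip "DOMAIN\", lower-case, drop blank lines, sort uniquely.
    sed 's/^.*\\//' | tr 'A-Z' 'a-z' | grep -v '^$' | sort -u
}

missing_from_nss() {
    wb_file=$1; nss_file=$2
    nss_names=$(mktemp) || return 1
    # Field 1 of each passwd(5) line is the login name.
    cut -d: -f1 "$nss_file" | normalize > "$nss_names"
    # comm -23 keeps lines that appear only in the winbind list.
    normalize < "$wb_file" | comm -23 - "$nss_names"
    rm -f "$nss_names"
}

sample_check() {
    # Constructed sample data, not captured from a real host.
    dir=$(mktemp -d) || return 1
    cat > "$dir/wbinfo_u.txt" <<'EOF'
LAB\administrator
LAB\guest
LAB\jdoe
LAB\asmith
EOF
    cat > "$dir/getent_passwd.txt" <<'EOF'
root:x:0:0:root:/root:/bin/bash
LAB\administrator:*:10000:10000::/home/LAB/administrator:/bin/false
LAB\jdoe:*:10001:10000:John Doe:/home/LAB/jdoe:/bin/false
EOF
    missing_from_nss "$dir/wbinfo_u.txt" "$dir/getent_passwd.txt"
    rm -rf "$dir"
}
```

On a joined host, save the two command outputs to files and pass them to `missing_from_nss`; an empty result means every account winbind lists is also visible through NSS.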