Nethserver join domain to Nethserver/AD

Support
,
1

hi,
there are two servers:

  1. server A nethserver 7.5.1804, AD/DC, DNS, 192.168.1.1 ip machine, 192.168.1.2 ip AD.
  2. server B nethserver 7.5.1804 , dns server set to server A (192.168.1.1)

when I join the domain server as Active Directory from server B, it fails with error

image
image.png701×464 19.1 KB

the user “administrator” on server A is enabled.

thanks

2

I add the result of nmap of the server 192.168.1.1

image

3

Does it work if you join to the AD DC (192.168.1.2) instead of 192.168.1.1? It should work without AD DNS setting too.

1 Like
4

Hi Markus,

image

5

image

6

Can you ping/nmap 192.168.1.2?

7

No, ip 192.168.1.2 is not reachable with ping/nmap

8

This might be the root cause of your problem. It looks like the NSDC (container where Samba4 accountprovider is running) is not reachable.
Can you check on your server where the NSDC is running (Server A in your case) if the NSDC has been created correctly and is running?

1 Like
9

image
image1537×229 16.8 KB

image
image460×579 22.3 KB

image
image993×674 112 KB

10

Can you give a db networks show on your Server A? Just to check if the bridge adapter has been created correctly.
And to rule out obvious culprits: You did activate the administrator account and the password for administrator is working correctly?

You didn’t mention this, but it might be important to know: what is the IP address of ServerB? and how is it connected to the rest of the network?

11

I would say no
image

do I have to create a new logical interface?

12

That looks just fine. What bothers me is that you can not contact/ping your NSDC.
Can you do a db networks show on Server B too? Could it be that there are conflicting IP’s on your network?

If I do a netstat [IP-of-NSDC] from my NethServer I get a response like this:

[root@ns7 ~]# netstat 192.168.10.6
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 ns7.ad.interlin.n:46084 192.168.10.6:ldap ESTABLISHED
tcp 0 0 ns7.ad.interlin.n:54186 192.168.10.6:msft-gc ESTABLISHED
tcp 0 0 ns7.ad.interlin.nl:ssh E540.ad.interlin.:38660 ESTABLISHED

In your case do a “netstat 192.168.1.2” from your ServerA and you should get a similar output.

13

Which is IP Address of Server B?

It’s on green subnet?
Edit: @Robb sorry you already asked. :frowning:

1 Like
14

Your DNS server for the domain SHOULD be the NSDC container. The .2 in your case. Make sure the default gateway is correct as well, else it will have trouble finding the address. This should be a routing device like your router, or firewall in some cases.

Edit: sorry, you are way past my remark, ignore it :confused:

15

Server B
image

there are no IP conflicts on the network

16

And when you go to Server A web admin interface. What does it say under Status / Domain accounts?

17

image
image.png760×584 67.8 KB

18

Are these physical servers or virtual? How are they connected to 192.168.1.10? What kind of device is 192.168.1.10 ?

19

Just doing a wild guess here:
Is ServerB a virtual server and configured with a NAT interface, but having an IP on the same subnet as the host? If so, change the NAT interface to Bridged interface and it should all work.

1 Like
20

Virtual server, over SAN. 192.168.1.10 it’s the firewall server, it’s a physical machine.