NS 7 PDC - domain join error

Support
1

NethServer Version: v7 beta2
Module:

Hi,

I have installed NS 7 beta 2, and I’d like to use it as a PDC. When I try to connect to the domain from win 10 client I get the fallowing error after enterd the administrator user and the password:

my config is:
NS ip: 192.168.111.62

Domain account:
NetBIOS domain name: TEST
LDAP server: 192.168.111.63
LDAP server name: nsdc-nethserver.test.lan
Realm: TEST.LAN
Bind Path: dc=TEST,dc=LAN
LDAP port: 389
Server time: Tue, 11 Oct 2016 13:15:08 CEST
KDC server: 192.168.111.63
Server time offset: 0

Join is OK
name: NETHSERVER

I added the NS (192.168.111.62) as a DNS like here:

NS’s DNS table is empty, but the service is running.

From the win 10 client the output of nslookup:

nslookup test.lan
Server: nethserver.test.lan
Address: 192.168.111.62
Name: test.lan
Address: 192.168.111.63

I would be grateful for any advice.

2

Hi Marcel,

please check, that your gateway is the ns7-machine on the computer which you want to join.

3

Hi Ralf,

Whay it is necessary? The gateway is my router.
Anyway it doesn’t work :frowning:

4

be sure your NS is the Nameserver for your lan… if your router act as dhcp/dns server it could be tricky

5

No not in your router, sorry that I was unclear.
In your nic-setup. Where from does your machine get its ip? Which one is your dhcp?
This is an example of an static IP-setup.

If your dhcp is i.e. your router, the gateway and dns-server is automatically set to your routers ip. Then your machine can not join, because your router doesn’t know the dns of your testserver/nsdc.

For testpurpose I like static IP, like above. If you don’t want static ip, your testserver has to be the dhcp/dns for the machine to join, because then the gateway and dns is set to your testserver.

6

Thank you for your answer! For testing purpose I manually configured a static ip, the DNS and the gateway is the NS, but the error message is the same.

7

Is it a real machine or a vm? In case it is a vm, please set the nic to promiscuous mode.
Can you ping the nsdc ip?

8

Did you modify the registry of the win 10 machine ?
Is it win 10 pro or home ?

1 Like
9

Thank you for your answers!

Ralf:
I use ESXI 5.5 - I tried to set the promiscuous mode, but the error message is the same.

my settings, nslookup and ping:

neth_error2.JPG607×643 62.5 KB

Bogdan:
http://www.nethserver.org/blog-nethserver
“Windows workstations can seamlessly join the AD Domain, no more registry tweaks are needed.”

As I know win home editions can’t connect to domain.

10

Hi.
I assume that you use the LDAP and not the AD.
This means that in a way you will be joining the NT4 style DC.

So assuming this, I can point you to this link https://wiki.samba.org/index.php/Required_Settings_for_Samba_NT4_Domains

On the other hand if you use the SAMBA AD style then you should have no issue joining (but this is not the issue)

Back to this issue. Let’s assume the steps you need to see so we can narrow down the issue.
(You can laugh at some steps but… some people did not)

  1. Both machines are connected on the same network (connected in the same range and physical segment)
  2. the services in the NS machine are up and running
  3. the windows machine is configured to get the DHCP settings from the NS machine
  4. the DNS settings are set up correctly in the NS (add the lan side host to the dns entries)
  5. the name resolution works fine from both ends.
  6. the firewall on both machines is not interfering (try to set it off on both cases to narrow down the issue)
  7. you have properly configured a user that is able to join machines to the domain
  8. there is no extra custom config on the windows 10 machine or software (no other AV or FW suite )

try to run trough this list and let’s hope we can see what is wrong.

Also a full Win 10 machine update does not hurt. (if it is fresh install it can miss some updates that fix the join issue)

BR
Bogdan

2 Likes
11

Dear all, thanks for all your help. I didn’t make any changes and now it’s working properly…

12

Hi @pirx,
great works. :+1:

if you believe that the problem is solved, marks “solved” the answer that helped you.
This helps anyone looking for the same problem and who responds to the support :construction_worker:
Thanks friend

1 Like