Menu
▾
▴
Re: [PacketFence-users] Issue joining domain with PF 9.1.0
|
From: G PL <pou...@gm...> - 2019-10-18 20:51:28
|
Hello,
The ip of management nterface is 192.168.100.0?
Le vendredi 18 octobre 2019, Adrian Dessaigne via PacketFence-users <
pac...@li...> a écrit :
> Hello.
>
> It's been a long time since I haven't asked for help. My previous project
> on PF 8.3.0 went very well and work has intetended.
>
> Today, I have a new sketch to do and I'll use PF 9.1.0 on CentOS 7. I've
> used my own documentation and the official one to setup my sketch.
> Installation done, I go for the domain configuration and I can't join it.
>
> Here is the error :
>
> Failed to join domain: failed to find DC for domain NOVASYS - {Operation
> Failed} The requested operation was unsuccessful.
>
> ------My domain configuration configuration :
> ID : Novasys
> Workgroup : NOVASYS
> Domain DNS : NOVASYS.LOCAL
> AD Server : 192.168.100.200
> DNS Server : 192.168.100.200
>
> Others options are left by default
> PacketFence mode is on "Radius" (First step of conigurator)
>
> ------Network Configuration
> First interface in 192.168.100.0 Type : Other
> Second Interface in X.X.X.X Type : Management
>
> ------In packetfence.log :
> Oct 18 16:31:50 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(22304) WARN: [mac:[undef]] Re-registering Novasys
> (main::child_sighandler)
> Oct 18 16:31:50 localhost packetfence: INFO pfcmd.pl(51902): Connecting
> to MySQL database (pfconfig::backend::mysql::_get_db)
> Oct 18 16:31:50 localhost packetfence: INFO pfcmd.pl(51902): No timezone
> defined, using Europe/Paris (pfconfig::namespaces::config:
> :Pf::build_child)
> Oct 18 16:31:50 localhost packetfence: INFO pfcmd.pl(51902): Instantiate
> profile default (pf::Connection::ProfileFactory::_from_profile)
> Oct 18 16:31:50 localhost packetfence: WARN pfcmd.pl(51902): Use of
> uninitialized value in split at /usr/local/pf/lib/pf/pfcmd/checkup.pm
> line 415.
> (pf::pfcmd::checkup::network)
> Oct 18 16:31:50 localhost packetfence: WARN pfcmd.pl(51902): Unknown
> network type for network 192.168.100.0 (pf::config::get_network_type)
> Oct 18 16:31:50 localhost pfqueue: Use of uninitialized value in split at
> /usr/local/pf/lib/pf/pfcmd/checkup.pm line 415.
> Oct 18 16:31:56 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(22304) WARN: [mac:[undef]] Re-registering Novasys
> (main::child_sighandler)
> Oct 18 16:31:56 localhost packetfence: INFO pfcmd.pl(51902): Connecting
> to MySQL database (pfconfig::backend::mysql::_get_db)
> Oct 18 16:31:56 localhost packetfence: INFO pfcmd.pl(51902): No timezone
> defined, using Europe/Paris (pfconfig::namespaces::config:
> :Pf::build_child)
> Oct 18 16:32:00 localhost packetfence: INFO pfcmd.pl(52022): Stopping
> winbindd with pid 22304 (pf::services::manager::stopService)
> Oct 18 16:32:00 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(22304) WARN: [mac:[undef]] Re-registering Novasys
> (main::child_sighandler)
> Oct 18 16:32:00 localhost packetfence: WARN -e(52014): Problem trying to
> run command: LANG=C sudo /sbin/iptables -S | grep input-management-if
> called from manager::iptables::isAlive. Child exited with non-zero value 1
> (pf::util::pf_run)
> Oct 18 16:32:00 localhost packetfence: WARN -e(52014): Problem trying to
> run command: LANG=C sudo /sbin/iptables -S | grep input-management-if
> called from manager::iptables::isAlive. Child exited with non-zero value 1
> (pf::util::pf_run)
> Oct 18 16:32:00 localhost packetfence: WARN -e(52014): Problem trying to
> run command: LANG=C sudo /sbin/iptables -S | grep input-management-if
> called from manager::iptables::isAlive. Child exited with non-zero value 1
> (pf::util::pf_run)
> Oct 18 16:32:00 localhost packetfence: INFO -e(52014): saving existing
> iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save)
> Oct 18 16:32:00 localhost packetfence: WARN -e(52014): We are using IPSET
> (pf::ipset::iptables_generate)
> Oct 18 16:32:00 localhost packetfence: INFO -e(52014): flushing iptables
> (pf::ipset::iptables_flush_mangle)
> Oct 18 16:32:00 localhost packetfence: WARN -e(52014): Unknown network
> type for network 192.168.100.0 (pf::config::get_network_type)
> Oct 18 16:32:00 localhost packetfence: INFO -e(52014): Adding Forward
> rules to allow connections to the OAuth2 Providers and passthrough.
> (pf::iptables::generate_passthrough_rules)
> Oct 18 16:32:00 localhost packetfence: INFO -e(52014): Adding IP based
> passthrough for connectivitycheck.gstatic.com (pf::iptables::generate_
> passthrough_rules)
> Oct 18 16:32:01 localhost packetfence: INFO -e(52014): Adding NAT
> Masquerade statement. (pf::iptables::generate_passthrough_rules)
> Oct 18 16:32:01 localhost packetfence: WARN -e(52014): Unknown network
> type for network 192.168.100.0 (pf::config::get_network_type)
> Oct 18 16:32:01 localhost packetfence: INFO -e(52014): restoring iptables
> from /usr/local/pf/var/conf/iptables.conf (pf::iptables::iptables_restore)
> Oct 18 16:32:01 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(22304) INFO: [mac:[undef]] stopping winbindd-wrapper
> (main::END)
> Oct 18 16:32:02 localhost packetfence: INFO pfcmd.pl(52022): child exited
> with value 0
> (pf::services::manager::stopService)
> Oct 18 16:32:02 localhost packetfence: INFO pfcmd.pl(52022): Connecting
> to MySQL database (pfconfig::backend::mysql::_get_db)
> Oct 18 16:32:02 localhost packetfence: INFO pfcmd.pl(52022): No timezone
> defined, using Europe/Paris (pfconfig::namespaces::config:
> :Pf::build_child)
> Oct 18 16:32:02 localhost packetfence: INFO pfcmd.pl(52022): Instantiate
> profile default (pf::Connection::ProfileFactory::_from_profile)
> Oct 18 16:32:02 localhost packetfence: WARN pfcmd.pl(52022): Use of
> uninitialized value in split at /usr/local/pf/lib/pf/pfcmd/checkup.pm
> line 415.
> (pf::pfcmd::checkup::network)
> Oct 18 16:32:02 localhost packetfence: WARN pfcmd.pl(52022): Unknown
> network type for network 192.168.100.0 (pf::config::get_network_type)
> Oct 18 16:32:02 localhost pfqueue: Use of uninitialized value in split at
> /usr/local/pf/lib/pf/pfcmd/checkup.pm line 415.
> Oct 18 16:32:08 localhost packetfence: INFO pfcmd.pl(52022): Connecting
> to MySQL database (pfconfig::backend::mysql::_get_db)
> Oct 18 16:32:08 localhost packetfence: INFO pfcmd.pl(52022): No timezone
> defined, using Europe/Paris (pfconfig::namespaces::config:
> :Pf::build_child)
> Oct 18 16:32:11 localhost packetfence: INFO pfcmd.pl(52112): Hard
> expiring resource : config::Domain() (pfconfig::manager::expire)
> Oct 18 16:32:11 localhost packetfence: INFO pfcmd.pl(52112): Connecting
> to MySQL database (pfconfig::backend::mysql::_get_db)
> Oct 18 16:32:11 localhost packetfence: INFO pfcmd.pl(52112): Expiring
> overlayed resource from base resource config::Domain().
> (pfconfig::manager::expire)
> Oct 18 16:32:11 localhost packetfence: INFO pfcmd.pl(52112): Hard
> expiring resource : config::Domain(packetfence) (pfconfig::manager::expire)
> Oct 18 16:32:11 localhost packetfence: INFO pfcmd.pl(52112): Expiring
> child resource resource::domain_dns_servers. Master resource is
> config::Domain() (pfconfig::manager::expire)
> Oct 18 16:32:11 localhost packetfence: INFO pfcmd.pl(52112): Hard
> expiring resource : resource::domain_dns_servers()
> (pfconfig::manager::expire)
> Oct 18 16:32:15 localhost packetfence: INFO pfcmd.pl(52022): Daemon
> winbindd took 7.223 seconds to start. (pf::services::manager::
> launchService)
> Oct 18 16:32:20 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(52387) WARN: [mac:[undef]] Re-registering Novasys
> (main::child_sighandler)
> Oct 18 16:32:26 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(52387) WARN: [mac:[undef]] Re-registering Novasys
> (main::child_sighandler)
> Oct 18 16:32:27 localhost pfqueue: pfqueue(2525) INFO: [mac:unknown]
> domain join : Failed to join domain: failed to find DC for domain NOVASYS -
> {Operation Failed} The requested operation was unsuccessful.
> (pf::domain::join_domain)
> Oct 18 16:32:32 localhost packetfence_winbindd-wrapper:
> winbindd-wrapper(52387) WARN: [mac:[undef]] Re-registering Novasys
> (main::child_sighandler)
>
> ------Result of "chroot /chroots/Novasys/ ntlm_auth
> --username=Administrateur" :
> could not obtain winbind separator!
> Reading winbind reply failed! (0x01)
> : (0x0)
>
> ------Result of "chroot /chroots/Novasys/ wbinfo -u" :
> could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE
>
> I've checked with pfcmd service pf status and Winbind was started. I
> restarted this service throught the web admin and still the same.
>
> ------CentOS Configuration :
> IPv6, Firewalld and SELinux Disabled
> hostnamectl -sethostname packetfence
>
> /etc/hosts :
> 127.0.0.1 localhost packetfence packetfence.novasys.local
> 192.168.100.201 packetfence packetfence.novasys.local
> 192.168.100.200 win-server win-server.novasys.local
>
> /etc/resolv.conf
> nameserver 192.168.100.200
>
> Timezone :
> timedatectl set timezone Europe/Paris
>
> I've tried to join the AD with a basic Win10 and it work perfectly fine.
>
> At this point I don't know what I can check or what I've done wrong.
> If any other information needed, fell free to ask me
>
> Best regard,
> Adrian
> --
> ------------------------------
> * Adrian Dessaigne*
> Technicien Systèmes et Réseaux
> <https://www.novasys.coop/>
>
> 02 57 65 00 60 - 49 rue Robespierre 29200 BREST
> <https://www.google.com/maps/search/49+rue+Robespierre+29200+BREST?entry=gmail&source=g>
> *Siège social : 5 rue de Kermadiou 29600 MORLAIX
> <https://www.google.com/maps/search/5+rue+de+Kermadiou+29600+MORLAIX?entry=gmail&source=g>*
> *NOVASYS utilise la suite bureautique Libreoffice
> <https://fr.libreoffice.org/> librement et gratuitement téléchargeable à
> l'adresse https://fr.libreoffice.org/ <https://fr.libreoffice.org/>*
>
> EnregistrerEnregistrer
>
|
