• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    samba domain integration

    Scheduled Pinned Locked Moved Solved
    Linux Problems
    8
    102
    74.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Tom ElliottT
      Tom Elliott @EAHarvey
      last edited by

      @EAHarvey I don’t know what you mean.

      @plegrand is trying to find out when samba domain joining started failing. It is believed to have worked at some point in the past, so to test he is downgrading and going to try finding out exactly when it started.

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      P 1 Reply Last reply Reply Quote 0
      • P
        plegrand @Tom Elliott
        last edited by plegrand

        @Tom-Elliott in fact i just begin to wonder if it worked once 😞
        I cant understand why it works with netdom command and not with fog client

        Do i have to uninstall and reinstall client to ?

        Tom ElliottT 1 Reply Last reply Reply Quote 0
        • Tom ElliottT
          Tom Elliott @plegrand
          last edited by

          @plegrand Well can you provide a teamviewer session (in chat) with me and I can try to help narrow down exactly where the problem lies? I’m going to guess it has to do with the user having the domain as a part of the field.

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          P 1 Reply Last reply Reply Quote 0
          • P
            plegrand @Tom Elliott
            last edited by Joe Schmitt

            @Tom-Elliott Eureka !!
            I made some tests, and i know why i said it worked before : it works with the legacy client and
            “Domain Password Legacy” field filled
            without problem.
            Then i uninstalled legacy client and install new client but now there is an other error

            29/09/2015 16:39 Client-Info Version: 0.9.5
             29/09/2015 16:39 HostnameChanger Running...
             29/09/2015 16:39 Middleware::Communication URL: http://192.168.39.243/fog/service/servicemodule-active.php?moduleid=hostnamechanger&mac=00:21:85:71:BD:8E|&newService=1
             29/09/2015 16:39 Middleware::Communication Response: Success
             29/09/2015 16:39 Middleware::Communication URL: http://192.168.39.243/fog/service/hostname.php?moduleid=hostnamechanger&mac=00:21:85:71:BD:8E|&newService=1
             29/09/2015 16:39 Middleware::Communication Response: Invalid host certificate
             29/09/2015 16:39 Middleware::Communication URL: http://192.168.39.243/fog/management/other/ssl/srvpublic.crt
             29/09/2015 16:39 Data::RSA CA cert found
             29/09/2015 16:39 Middleware::Authentication Cert OK
             29/09/2015 16:39 Middleware::Communication POST URL: http://192.168.39.243/fog/management/index.php?sub=authorize
             29/09/2015 16:39 Middleware::Communication Response: Invalid security token
            
            1 Reply Last reply Reply Quote 0
            • Tom ElliottT
              Tom Elliott
              last edited by

              So does that seem to indicate a difference in the passwords?

              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              P 3 Replies Last reply Reply Quote 0
              • P
                plegrand @Tom Elliott
                last edited by

                @Tom-Elliott it’s the same password used
                i put the “real” password into “Domain Password” field
                and same password encrypted with FogCrypt into “Domain Password Legacy” field

                1 Reply Last reply Reply Quote 0
                • P
                  plegrand @Tom Elliott
                  last edited by plegrand

                  @Tom-Elliott May be i didn’t understand your question?
                  Do you need more information ?
                  I think legacy client and new client doesn’t use the same method to join domain. Am i wrong ?
                  Just to be clear
                  join domain works fine with legacy client and doesn’t works with the new client
                  I made the tests with the same domain user and the same password
                  clear for new client
                  and encrypted with Fog Crypt for the legacy client

                  1 Reply Last reply Reply Quote 0
                  • P
                    plegrand @Tom Elliott
                    last edited by

                    @Tom-Elliott Hello Tom, do you think my problem come from a bug in the new client, or from me and my configuration?
                    Do you want i make some other tests ?
                    Thanks

                    1 Reply Last reply Reply Quote 0
                    • S
                      Sebastian Roth Moderator
                      last edited by

                      I guess @Jbob would know…

                      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                      P 1 Reply Last reply Reply Quote 0
                      • Tom ElliottT
                        Tom Elliott
                        last edited by

                        I would ask if you have updated again.

                        See, I’ve tested what I can, but I don’t have a logical answer as to why it’s not working for you. It should be.

                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                        P 1 Reply Last reply Reply Quote 0
                        • P
                          plegrand @Sebastian Roth
                          last edited by

                          @Uncle-Frank
                          Do you think he could explain me why i can join to samba domain with “all” method except with the new client ?

                          It works with the classic manual method
                          It works with netdom command line
                          It works with legacy client
                          It does not works with new client
                          I cant see anything in samba log
                          May be he could told me what is the difference between “legacy client” method an “new client” method.
                          I’m ok to make some test if it’s usefull
                          Thanks for your and Tom help

                          I cant understand what happen

                          1 Reply Last reply Reply Quote 0
                          • P
                            plegrand @Tom Elliott
                            last edited by

                            @Tom-Elliott
                            As i install, uninstall, reinstall fog client, is it possible that windows kept first credential, the first i use with apostrophe in password ?
                            while fog show (http://192.168.39.243/fog/service/hostname.php?mac=00:21:85:71:bd:8e) the good samba adminisrator ?

                            1 Reply Last reply Reply Quote 0
                            • P
                              plegrand
                              last edited by plegrand

                              Hmmm… may be it’s important : i’m making this test on a windows XP machine
                              Do i have to use legacy client for windows XP or it should works also with the new client ?
                              May be new client use powershell for domain integration ?

                              1 Reply Last reply Reply Quote 0
                              • J
                                Joe Schmitt Senior Developer
                                last edited by

                                @plegrand The error you reported in your last log “Invalid security token” is because you re-installed the client. You have to click “Reset Encryption Data” for the host on the web portal whenever you do that.

                                Now then as for Samba. The most likely reason this only occurs for the new client is because the server can’t properly parse your ’ character. Here is why: The new client does on-the-fly encryption, meaning the server encrypts the AD password with a special encryption key only the client knows and sends it to the client. With the legacy client, you were giving the server the FOGCrypt’d password, which from a plain text perspective did not contain a ’ . More than likely it is because the server is stripping out the ’ , and nothing to do with the client. Every release the client is tested against multiple AD scenarios, and LDAP scenarios. In addition, it is XP compatible.

                                I will try and confirm this shortly.

                                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                P 1 Reply Last reply Reply Quote 0
                                • J
                                  Joe Schmitt Senior Developer
                                  last edited by Joe Schmitt

                                  Confirmed. The server is replace ’ with &#39. This is now in @Tom-Elliott s domain

                                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                  Tom ElliottT 1 Reply Last reply Reply Quote 0
                                  • P
                                    plegrand @Joe Schmitt
                                    last edited by

                                    @Jbob i made all my test with a password without apostrophe " ’ ".
                                    domain : samba_domain
                                    domain admin : admin_samba
                                    password domain admin : password
                                    and then with this configuration :
                                    It works with the classic manual method
                                    It works with netdom command line
                                    It works with legacy client
                                    It does not works with new client
                                    Thanks for your help

                                    1 Reply Last reply Reply Quote 0
                                    • J
                                      Joe Schmitt Senior Developer
                                      last edited by

                                      As I previously stated, according to your log its because the client couldn’t authenticate. You have to press 'Reset Encryption Data"

                                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                      P 1 Reply Last reply Reply Quote 0
                                      • P
                                        plegrand @Joe Schmitt
                                        last edited by

                                        @Jbob i already do that . It was because i uninstalled legacy client and reinstall new client
                                        Then i pressed 'Reset Encryption Data"
                                        But afater that the problem is still there.
                                        I cant join domain with new client

                                        1 Reply Last reply Reply Quote 0
                                        • J
                                          Joe Schmitt Senior Developer
                                          last edited by

                                          @plegrand said:

                                          I cant join domain with new client

                                          Can you upload the log for that client?

                                          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                          1 Reply Last reply Reply Quote 0
                                          • Tom ElliottT
                                            Tom Elliott
                                            last edited by

                                            also, can you update again, only this time, also re-enter the password in the ADPass field and/or fields.

                                            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                                            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 4 / 6
                                            • First post
                                              Last post

                                            230

                                            Online

                                            12.0k

                                            Users

                                            17.3k

                                            Topics

                                            155.2k

                                            Posts
                                            Copyright © 2012-2024 FOG Project