samba domain integration



  • Hello,
    i’m trying to make that after deploy the client automatically integrate samba domain, but i dont really understand how it works ?
    is the service which rename and integrate the client, or another process.
    If it’s the service i 've got to log on each station to launch service
    On the web interface i configure the "Active directory " section without success.
    Does someone could explain me how to do that ?

    thanks for your help



  • @Jbob Hello
    In first sorry for this long delay
    I just made the test today with the latest client. Everything seems to work fine !!



  • @Jbob Wonderful !!!
    I was waiting for this !!
    I’m going to test today and i’ll tell you the result
    thanks again !!!


  • Senior Developer

    @plegrand v0.9.6 is released, and this includes the Samba fix. (https://news.fogproject.org/client-v0-9-6/)


  • Moderator

    @Jbob said:

    @plegrand

    No release date is planned. For now keep using the legacy client. The next release of the client will be v0.10.0 which will include OSX + Linux compatibility.

    That’s what I’m waiting for!

    That is gonna blow minds left and right.


  • Senior Developer

    @plegrand

    No release date is planned. For now keep using the legacy client. The next release of the client will be v0.10.0 which will include OSX + Linux compatibility.



  • @Jbob is there a date for this new release ?



  • @Jbob thanks for your answer, for the moment i use the 4103 .
    Thanks again


  • Senior Developer

    The patch will only be applied on the next official release 0.9.6 or 0.10.0



  • @Jbob Just for information , as i don’t know if the client have the patch which permit to join samba domain, i made a test today without success.
    Same problem. But may be I’ve to wait a little.


  • Senior Developer

    @plegrand The patch will be applied next release.



  • @Jbob Hello, does it means that the new client will works now or do i have to wait the new “patched” client ?
    Any way thanks for your help


  • Senior Developer

    Bug confirmed and isolated. Ticket has been made here:

    https://github.com/FOGProject/fog-client/issues/22

    Basic explanation:
    For some reason the samba LDAP domain is returning an error code of 1355 instead of 2 or 50 (which correspond to OU errors). On OU errors the client will try using a null OU. I just have to add 1355 to the cases of OU errors.



  • @Uncle-Frank Just for test i put “NULL” then “(NULL)” into “Organizational Unit” in AD configuration without success



  • On the client windows xp i try this command nltest.exe :

    nltest.exe /dsgetdc:samba_domain
    DC: \SAMBA
    Address: \SAMBA
    Dom Name: SAMBA_DOMAIN
    The command completed successfully


  • Developer

    Well that’s an interesting catch. The difference I see is that the output from the old client says MachineAccountOU: (NULL) whereas the output from the new client seams to be empty but not NULL. Later on it fails with NetpJoinDomain: OU is specified but couldn’t get NT5 DC
    @Jbob Can you think of why this is different? You know the client source code a lot better than I do! Maybe OU is send as empty string ("") instead of NULL in the new client.



  • I discover something interesting.
    There is a file which log each try domain joining
    c:\windows\debug\NetSetup.LOG

    here is this file with the two tests (legacy and new client)

    NetSetup.LOG with the NEW client (which failed)

    10/02 10:18:24 -----------------------------------------------------------------
    10/02 10:18:24 NetpDoDomainJoin
    10/02 10:18:24 NetpMachineValidToJoin: 'gim-127-13'
    10/02 10:18:24 NetpGetLsaPrimaryDomain: status: 0x0
    10/02 10:18:24 NetpMachineValidToJoin: status: 0x0
    10/02 10:18:24 NetpJoinDomain
    10/02 10:18:24 	Machine: gim-127-13
    10/02 10:18:24 	Domain: samba_domain
    10/02 10:18:24 	MachineAccountOU: 
    10/02 10:18:24 	Account: samba_domain\admin_samba
    10/02 10:18:24 	Options: 0x3
    10/02 10:18:24 	OS Version: 5.1
    10/02 10:18:24 	Build number: 2600
    10/02 10:18:24 	ServicePack: Service Pack 3
    10/02 10:18:24 NetpValidateName: checking to see if 'samba_domain' is valid as type 3 name
    10/02 10:18:24 NetpValidateName:  'samba_domain' is not a valid Dns domain name: 0x2554
    10/02 10:18:25 NetpCheckDomainNameIsValid [ Exists ] for 'samba_domain' returned 0x0
    10/02 10:18:25 NetpValidateName: name 'samba_domain' is valid for type 3
    10/02 10:18:25 NetpDsGetDcName: trying to find DC in domain 'samba_domain', flags: 0x1020
    10/02 10:18:25 NetpDsGetDcName: found DC '\\SAMBA' in the specified domain
    10/02 10:18:25 NetpJoinDomain: status of connecting to dc '\\SAMBA': 0x0
    10/02 10:18:25 NetpJoinDomain: OU is specified but couldn't get NT5 DC
    10/02 10:18:25 NetpJoinDomain: status of disconnecting from '\\SAMBA': 0x0
    10/02 10:18:25 NetpDoDomainJoin: status: 0x54b
    10/02 10:19:26 -----------------------------------------------------------------
    

    NetSetup.LOG with the LEGACY client (which works fine)

    10/02 10:50:12 -----------------------------------------------------------------
    10/02 10:50:12 NetpDoDomainJoin
    10/02 10:50:12 NetpMachineValidToJoin: 'gim-127-13'
    10/02 10:50:12 NetpGetLsaPrimaryDomain: status: 0x0
    10/02 10:50:12 NetpMachineValidToJoin: status: 0x0
    10/02 10:50:12 NetpJoinDomain
    10/02 10:50:12 	Machine: gim-127-13
    10/02 10:50:12 	Domain: samba_domain
    10/02 10:50:12 	MachineAccountOU: (NULL)
    10/02 10:50:12 	Account: samba_domain\admin_samba
    10/02 10:50:12 	Options: 0x3
    10/02 10:50:12 	OS Version: 5.1
    10/02 10:50:12 	Build number: 2600
    10/02 10:50:12 	ServicePack: Service Pack 3
    10/02 10:50:12 NetpValidateName: checking to see if 'samba_domain' is valid as type 3 name
    10/02 10:50:12 NetpValidateName:  'samba_domain' is not a valid Dns domain name: 0x2554
    10/02 10:50:12 NetpCheckDomainNameIsValid [ Exists ] for 'samba_domain' returned 0x0
    10/02 10:50:12 NetpValidateName: name 'samba_domain' is valid for type 3
    10/02 10:50:12 NetpDsGetDcName: trying to find DC in domain 'samba_domain', flags: 0x1020
    10/02 10:50:20 NetpDsGetDcName: found DC '\\SAMBA' in the specified domain
    10/02 10:50:20 NetpJoinDomain: status of connecting to dc '\\SAMBA': 0x0
    10/02 10:50:20 NetpGetLsaPrimaryDomain: status: 0x0
    10/02 10:50:20 NetpGetNt4RefusePasswordChangeStatus: trying to read from '\\SAMBA'
    10/02 10:50:20 NetpGetNt4RefusePasswordChangeStatus: RefusePasswordChange == 0
    10/02 10:50:20 NetpLsaOpenSecret: status: 0xc0000034
    10/02 10:50:21 NetpManageMachineAccountWithSid: NetUserAdd on '\\SAMBA' for 'GIM-127-13$' failed: 0x8b0
    10/02 10:50:21 NetpManageMachineAccountWithSid: status of attempting to set password on '\\SAMBA' for 'GIM-127-13$': 0x0
    10/02 10:50:21 NetpJoinDomain: status of creating account: 0x0
    10/02 10:50:21 NetpGetLsaPrimaryDomain: status: 0x0
    10/02 10:50:21 NetpSetLsaPrimaryDomain: for 'SAMBA_DOMAIN' status: 0x0
    10/02 10:50:21 NetpJoinDomain: status of setting LSA pri. domain: 0x0
    10/02 10:50:21 NetpJoinDomain: status of managing local groups: 0x0
    10/02 10:50:21 NetpJoinDomain: status of setting netlogon cache: 0x0
    10/02 10:50:22 NetpJoinDomain: status of clearing ComputerNamePhysicalDnsDomain: 0x0
    10/02 10:50:22 NetpUpdateW32timeConfig: 0x0
    10/02 10:50:22 NetpJoinDomain: status of disconnecting from '\\SAMBA': 0x0
    10/02 10:50:22 NetpDoDomainJoin: status: 0x0
    10/02 10:53:12 -----------------------------------------------------------------
    10/02 10:53:12 NetpDoDomainJoin
    10/02 10:53:12 NetpMachineValidToJoin: 'gim-127-13'
    10/02 10:53:12 NetpGetLsaPrimaryDomain: status: 0x0
    10/02 10:53:12 NetpMachineValidToJoin: the specified machine is already joined to 'SAMBA_DOMAIN'!
    10/02 10:53:12 NetpMachineValidToJoin: status: 0xa83
    10/02 10:53:12 NetpDoDomainJoin: status: 0xa83
    

    May be it could help to find the problem



  • Here is all my test (netdom, legacy client, new client with log files).
    As it’s litle long i made a pdf document
    http://plegrand1.free.fr/Test_Samba_Domain.pdf


  • Senior Developer

    @Jbob As you and I have verified in browser (with the context printing properly) the values appear to be fixed. However, you will have to update the stored value in the database. There is a possibility this will be unneeded, but I say better to be sure than just try.



  • @Jbob You mean the c:\fog.log ?
    I’ll send you tomorrow and i’ll try to be clear in my explanation ;-)

    @Tom-Elliott i’ll update tomorrow to make a try


Log in to reply
 

459
Online

39010
Users

10725
Topics

101895
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.