samba domain integration
-
I discover something interesting.
There is a file which log each try domain joining
c:\windows\debug\NetSetup.LOGhere is this file with the two tests (legacy and new client)
NetSetup.LOG with the NEW client (which failed)
10/02 10:18:24 ----------------------------------------------------------------- 10/02 10:18:24 NetpDoDomainJoin 10/02 10:18:24 NetpMachineValidToJoin: 'gim-127-13' 10/02 10:18:24 NetpGetLsaPrimaryDomain: status: 0x0 10/02 10:18:24 NetpMachineValidToJoin: status: 0x0 10/02 10:18:24 NetpJoinDomain 10/02 10:18:24 Machine: gim-127-13 10/02 10:18:24 Domain: samba_domain 10/02 10:18:24 MachineAccountOU: 10/02 10:18:24 Account: samba_domain\admin_samba 10/02 10:18:24 Options: 0x3 10/02 10:18:24 OS Version: 5.1 10/02 10:18:24 Build number: 2600 10/02 10:18:24 ServicePack: Service Pack 3 10/02 10:18:24 NetpValidateName: checking to see if 'samba_domain' is valid as type 3 name 10/02 10:18:24 NetpValidateName: 'samba_domain' is not a valid Dns domain name: 0x2554 10/02 10:18:25 NetpCheckDomainNameIsValid [ Exists ] for 'samba_domain' returned 0x0 10/02 10:18:25 NetpValidateName: name 'samba_domain' is valid for type 3 10/02 10:18:25 NetpDsGetDcName: trying to find DC in domain 'samba_domain', flags: 0x1020 10/02 10:18:25 NetpDsGetDcName: found DC '\\SAMBA' in the specified domain 10/02 10:18:25 NetpJoinDomain: status of connecting to dc '\\SAMBA': 0x0 10/02 10:18:25 NetpJoinDomain: OU is specified but couldn't get NT5 DC 10/02 10:18:25 NetpJoinDomain: status of disconnecting from '\\SAMBA': 0x0 10/02 10:18:25 NetpDoDomainJoin: status: 0x54b 10/02 10:19:26 -----------------------------------------------------------------
NetSetup.LOG with the LEGACY client (which works fine)
10/02 10:50:12 ----------------------------------------------------------------- 10/02 10:50:12 NetpDoDomainJoin 10/02 10:50:12 NetpMachineValidToJoin: 'gim-127-13' 10/02 10:50:12 NetpGetLsaPrimaryDomain: status: 0x0 10/02 10:50:12 NetpMachineValidToJoin: status: 0x0 10/02 10:50:12 NetpJoinDomain 10/02 10:50:12 Machine: gim-127-13 10/02 10:50:12 Domain: samba_domain 10/02 10:50:12 MachineAccountOU: (NULL) 10/02 10:50:12 Account: samba_domain\admin_samba 10/02 10:50:12 Options: 0x3 10/02 10:50:12 OS Version: 5.1 10/02 10:50:12 Build number: 2600 10/02 10:50:12 ServicePack: Service Pack 3 10/02 10:50:12 NetpValidateName: checking to see if 'samba_domain' is valid as type 3 name 10/02 10:50:12 NetpValidateName: 'samba_domain' is not a valid Dns domain name: 0x2554 10/02 10:50:12 NetpCheckDomainNameIsValid [ Exists ] for 'samba_domain' returned 0x0 10/02 10:50:12 NetpValidateName: name 'samba_domain' is valid for type 3 10/02 10:50:12 NetpDsGetDcName: trying to find DC in domain 'samba_domain', flags: 0x1020 10/02 10:50:20 NetpDsGetDcName: found DC '\\SAMBA' in the specified domain 10/02 10:50:20 NetpJoinDomain: status of connecting to dc '\\SAMBA': 0x0 10/02 10:50:20 NetpGetLsaPrimaryDomain: status: 0x0 10/02 10:50:20 NetpGetNt4RefusePasswordChangeStatus: trying to read from '\\SAMBA' 10/02 10:50:20 NetpGetNt4RefusePasswordChangeStatus: RefusePasswordChange == 0 10/02 10:50:20 NetpLsaOpenSecret: status: 0xc0000034 10/02 10:50:21 NetpManageMachineAccountWithSid: NetUserAdd on '\\SAMBA' for 'GIM-127-13$' failed: 0x8b0 10/02 10:50:21 NetpManageMachineAccountWithSid: status of attempting to set password on '\\SAMBA' for 'GIM-127-13$': 0x0 10/02 10:50:21 NetpJoinDomain: status of creating account: 0x0 10/02 10:50:21 NetpGetLsaPrimaryDomain: status: 0x0 10/02 10:50:21 NetpSetLsaPrimaryDomain: for 'SAMBA_DOMAIN' status: 0x0 10/02 10:50:21 NetpJoinDomain: status of setting LSA pri. domain: 0x0 10/02 10:50:21 NetpJoinDomain: status of managing local groups: 0x0 10/02 10:50:21 NetpJoinDomain: status of setting netlogon cache: 0x0 10/02 10:50:22 NetpJoinDomain: status of clearing ComputerNamePhysicalDnsDomain: 0x0 10/02 10:50:22 NetpUpdateW32timeConfig: 0x0 10/02 10:50:22 NetpJoinDomain: status of disconnecting from '\\SAMBA': 0x0 10/02 10:50:22 NetpDoDomainJoin: status: 0x0 10/02 10:53:12 ----------------------------------------------------------------- 10/02 10:53:12 NetpDoDomainJoin 10/02 10:53:12 NetpMachineValidToJoin: 'gim-127-13' 10/02 10:53:12 NetpGetLsaPrimaryDomain: status: 0x0 10/02 10:53:12 NetpMachineValidToJoin: the specified machine is already joined to 'SAMBA_DOMAIN'! 10/02 10:53:12 NetpMachineValidToJoin: status: 0xa83 10/02 10:53:12 NetpDoDomainJoin: status: 0xa83
May be it could help to find the problem
-
Well that’s an interesting catch. The difference I see is that the output from the old client says
MachineAccountOU: (NULL)
whereas the output from the new client seams to be empty but not NULL. Later on it fails withNetpJoinDomain: OU is specified but couldn’t get NT5 DC
@Jbob Can you think of why this is different? You know the client source code a lot better than I do! Maybe OU is send as empty string (“”) instead of NULL in the new client. -
On the client windows xp i try this command nltest.exe :
nltest.exe /dsgetdc:samba_domain
DC: \SAMBA
Address: \SAMBA
Dom Name: SAMBA_DOMAIN
The command completed successfully -
@Uncle-Frank Just for test i put “NULL” then “(NULL)” into “Organizational Unit” in AD configuration without success
-
Bug confirmed and isolated. Ticket has been made here:
https://github.com/FOGProject/fog-client/issues/22
Basic explanation:
For some reason the samba LDAP domain is returning an error code of 1355 instead of 2 or 50 (which correspond to OU errors). On OU errors the client will try using a null OU. I just have to add 1355 to the cases of OU errors. -
@Jbob Hello, does it means that the new client will works now or do i have to wait the new “patched” client ?
Any way thanks for your help -
@plegrand The patch will be applied next release.
-
@Jbob Just for information , as i don’t know if the client have the patch which permit to join samba domain, i made a test today without success.
Same problem. But may be I’ve to wait a little. -
The patch will only be applied on the next official release 0.9.6 or 0.10.0
-
@Jbob thanks for your answer, for the moment i use the 4103 .
Thanks again -
@Jbob is there a date for this new release ?
-
No release date is planned. For now keep using the legacy client. The next release of the client will be v0.10.0 which will include OSX + Linux compatibility.
-
@Jbob said:
No release date is planned. For now keep using the legacy client. The next release of the client will be v0.10.0 which will include OSX + Linux compatibility.
That’s what I’m waiting for!
That is gonna blow minds left and right.
-
@plegrand v0.9.6 is released, and this includes the Samba fix. (https://news.fogproject.org/client-v0-9-6/)
-
@Jbob Wonderful !!!
I was waiting for this !!
I’m going to test today and i’ll tell you the result
thanks again !!! -
@Jbob Hello
In first sorry for this long delay
I just made the test today with the latest client. Everything seems to work fine !!