[PC-BSD Testing] pc-activedirectory broken + workarounds

Ken Moore ken at pcbsd.org
Wed Mar 19 08:18:56 PDT 2014

On 03/19/2014 10:45, Joe Maloney wrote:
> I actually tested with FreeNAS configured as a domain 
> controller.  :)  I'm moving on to a new job full-time in a few weeks 
> where I've already deployed about 5 FreeNAS servers so far to replace 
> an old samba3 + openldap setup.  So I've been consumed with figuring 
> out the perfect setup for that which I have and it's working great so far.
> I'm hoping to get a new work PC set up my first day with PCBSD joined 
> to the directory so I can kind of show that off.  So far I can log in 
> if I choose the option in PCDM to list the users but the manual entry 
> method just freezes.  I'll have to see if I can gather more logs somehow.

Both visible/invisible user lists use the exact same backend systems in 
PCDM, so maybe it is something in the "display name" to "username" 
conversion that is messing up active directory (or some AD "magic" 
resulting in needing a different username than you think for the manual 
entry). Try entering the normally-visible "Display Name" into the manual 
entry and see if that works - that should let the PCDM backend convert 
it to the auto-detected username associated with that display name and 
see if it works.

> BTW after looking at the alternatives Fedora, CentOS, Ubuntu, Debian 
> only centos had a GUI tool to actually bind a machine to an active 
> directory it was a little more cumbersome to set up than yours was.  
> So I have to say good job.
> Joe Maloney

> On Wed, Mar 19, 2014 at 8:33 AM, Ken Moore <ken at pcbsd.org 
> <mailto:ken at pcbsd.org>> wrote:
>     Thanks for the feedback on PCDM, this is the first confirmation I
>     have seen that it works from somebody actually testing it with a
>     full AD setup.
>     My guess would be that the samba conf file location simply got
>     changed between samba3 and samba4, so moving our default
>     configuration over to samba4.conf is probably a good idea since we
>     don't use samba3 anymore. I will defer to Kris for the final say
>     on this matter though..... ;-)
>     On 03/18/2014 23:34, Joe Maloney wrote:
>>     After further research I touched this file and changed smb.conf
>>     to smb4.conf.
>>     https://github.com/pcbsd/pcbsd/blob/91d60cdbfb76269232372ffcdd3239c069453899/src-sh/pc-adctl/scripts/pc-samba
>>     I haven't yet edited in pcbsd git repo.  Is this ok to change?
>>      Is there a reason for it to be smb.conf?
>>     After the above change I just had to launch only winbindd
>>     manually and problem solved. Indeed PCDM does not list users when
>>     in directory mode unless the box is checked to show users.
>>      Pretty cool.
>>     Joe Maloney
>>     On Tue, Mar 18, 2014 at 9:27 PM, Joe Maloney <jmaloney at pcbsd.org
>>     <mailto:jmaloney at pcbsd.org>> wrote:
>>         After configuring with pc-activedirectory it doesn't work.
>>          After copying smb.conf to smb4.conf the net ads join command
>>         then works.  At this stage wbinfo -u doesn't work to list
>>         users so finally starting smb, nmbd, winbind manually it
>>         fully works now I can see all of my ad users in PCDM.
>>         Joe Maloney
>>     _______________________________________________
>>     Testing mailing list
>>     Testing at lists.pcbsd.org  <mailto:Testing at lists.pcbsd.org>
>>     http://lists.pcbsd.org/mailman/listinfo/testing
>     -- 
>     ~~ Ken Moore ~~
>     PC-BSD/iXsystems
>     _______________________________________________
>     Testing mailing list
>     Testing at lists.pcbsd.org <mailto:Testing at lists.pcbsd.org>
>     http://lists.pcbsd.org/mailman/listinfo/testing

~~ Ken Moore ~~

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20140319/c4d0dce2/attachment.html>

More information about the Testing mailing list