[PC-BSD Testing] pc-activedirectory broken + workarounds

Kris Moore kris at pcbsd.org
Fri Mar 28 08:15:44 PDT 2014


Sure! Can you make the change, or would you like me to do it?

On 03/27/2014 21:51, Joe Maloney wrote:
> Kris,
> can we change smb.conf here to smb4.conf to begin to fix pc-adsldap
> domain joins?
>
> https://github.com/pcbsd/pcbsd/blob/91d60cdbfb76269232372ffcdd3239c069453899/src-sh/pc-adctl/scripts/pc-samba
> <https://github.com/pcbsd/pcbsd/blob/91d60cdbfb76269232372ffcdd3239c069453899/src-sh/pc-adctl/scripts/pc-samba>
>
> Joe Maloney
>
>
> On Wed, Mar 19, 2014 at 9:12 PM, Joe Maloney <jmaloney at pcbsd.org
> <mailto:jmaloney at pcbsd.org>> wrote:
>
>     Login without the user list also works perfect.
>
>     Joe Maloney
>
>
>
>     On Wed, Mar 19, 2014 at 9:09 PM, Joe Maloney <jmaloney at pcbsd.org
>     <mailto:jmaloney at pcbsd.org>> wrote:
>
>         It's not creating the home directories.  Once I created
>         /usr/home/jmaloney manually it worked.  That explains why it
>         was working on my old setup until I removed that user from my
>         local system and nuked the dataset for that user.
>
>         So.  4 steps required to make it work.
>
>         Change smb.conf to smb4.conf in pc-samba
>         launch winbindd
>         restart PCDM after launching winbind
>         mkdir /usr/home/%username%
>
>         Joe Maloney
>
>
>         On Wed, Mar 19, 2014 at 8:20 PM, Joe Maloney
>         <jmaloney at pcbsd.org <mailto:jmaloney at pcbsd.org>> wrote:
>
>             After some more testing I see that I can log in as a local
>             user with just "admin" and no problems.  It seems now even
>             if I bring back the list of users and click to login it
>             still hangs.  I more than likely just borked my setup when
>             I tried to install samba port to see if it would bring
>             back /usr/local/etc/rc.d/winbindd script so that I could
>             make it start automatically.  Which it didn't so I need to
>             figure that out.  I will start over fresh and just make
>             that smb.conf > smb4.conf change in pc-samba and at most
>             start winbindd manually and see what happens...
>
>             Joe Maloney
>
>
>
>             On Wed, Mar 19, 2014 at 10:18 AM, Ken Moore <ken at pcbsd.org
>             <mailto:ken at pcbsd.org>> wrote:
>
>                 On 03/19/2014 10:45, Joe Maloney wrote:
>>                 I actually tested with FreeNAS 9.2.1.2 configured as
>>                 a domain controller.  :)  I'm moving on to a new job
>>                 full-time in a few weeks where I've already deployed
>>                 about 5 FreeNAS servers so far to replace an old
>>                 samba3 + openldap setup.  So I've been consumed with
>>                 figuring out the perfect setup for that which I have
>>                 and it's working great so far.
>>
>>                 I'm hoping to get a new work PC set up my first day
>>                 with PCBSD joined to the directory so I can kind of
>>                 show that off.  So far I can log in if I choose the
>>                 option in PCDM to list the users but the manual entry
>>                 method just freezes.  I'll have to see if I can
>>                 gather more logs somehow. 
>>
>
>                 Both visible/invisible user lists use the exact same
>                 backend systems in PCDM, so maybe it is something in
>                 the "display name" to "username" conversion that is
>                 messing up active directory (or some AD "magic"
>                 resulting in needing a different username than you
>                 think for the manual entry). Try entering the
>                 normally-visible "Display Name" into the manual entry
>                 and see if that works - that should let the PCDM
>                 backend convert it to the auto-detected username
>                 associated with that display name and see if it works.
>
>
>>                 BTW after looking at the alternatives Fedora, CentOS,
>>                 Ubuntu, Debian only centos had a GUI tool to actually
>>                 bind a machine to an active directory it was a little
>>                 more cumbersome to set up than yours was.  So I have
>>                 to say good job. 
>>
>>                 Joe Maloney
>>
>>
>
>                 :-)
>
>>
>>                 On Wed, Mar 19, 2014 at 8:33 AM, Ken Moore
>>                 <ken at pcbsd.org <mailto:ken at pcbsd.org>> wrote:
>>
>>                     Thanks for the feedback on PCDM, this is the
>>                     first confirmation I have seen that it works from
>>                     somebody actually testing it with a full AD setup.
>>
>>                     My guess would be that the samba conf file
>>                     location simply got changed between samba3 and
>>                     samba4, so moving our default configuration over
>>                     to samba4.conf is probably a good idea since we
>>                     don't use samba3 anymore. I will defer to Kris
>>                     for the final say on this matter though..... ;-)
>>
>>
>>                     On 03/18/2014 23:34, Joe Maloney wrote:
>>>                     After further research I touched this file and
>>>                     changed smb.conf to smb4.conf.  
>>>
>>>                     https://github.com/pcbsd/pcbsd/blob/91d60cdbfb76269232372ffcdd3239c069453899/src-sh/pc-adctl/scripts/pc-samba
>>>
>>>                     I haven't yet edited in pcbsd git repo.  Is this
>>>                     ok to change?  Is there a reason for it to be
>>>                     smb.conf?
>>>
>>>                     After the above change I just had to launch only
>>>                     winbindd manually and problem solved. Indeed
>>>                     PCDM does not list users when in directory mode
>>>                     unless the box is checked to show users.  Pretty
>>>                     cool.
>>>
>>>                     Joe Maloney
>>>
>>>
>>>
>>>                     On Tue, Mar 18, 2014 at 9:27 PM, Joe Maloney
>>>                     <jmaloney at pcbsd.org <mailto:jmaloney at pcbsd.org>>
>>>                     wrote:
>>>
>>>                         After configuring with pc-activedirectory it
>>>                         doesn't work.  After copying smb.conf to
>>>                         smb4.conf the net ads join command then
>>>                         works.  At this stage wbinfo -u doesn't work
>>>                         to list users so finally starting smb, nmbd,
>>>                         winbind manually it fully works now I can
>>>                         see all of my ad users in PCDM.
>>>
>>>                         Joe Maloney
>>>
>>>
>>>
>>>
>>>                     _______________________________________________
>>>                     Testing mailing list
>>>                     Testing at lists.pcbsd.org <mailto:Testing at lists.pcbsd.org>
>>>                     http://lists.pcbsd.org/mailman/listinfo/testing
>>
>>
>>                     -- 
>>                     ~~ Ken Moore ~~
>>                     PC-BSD/iXsystems
>>
>>
>>                     _______________________________________________
>>                     Testing mailing list
>>                     Testing at lists.pcbsd.org
>>                     <mailto:Testing at lists.pcbsd.org>
>>                     http://lists.pcbsd.org/mailman/listinfo/testing
>>
>>
>
>
>                 -- 
>                 ~~ Ken Moore ~~
>                 PC-BSD/iXsystems
>
>
>
>
>


-- 
Kris Moore
PC-BSD Software
iXsystems

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20140328/9a18af20/attachment-0001.html>


More information about the Testing mailing list