| Summary: | Could not join ROSA 2012.1 Fresh to Windows 2003 domain | ||
|---|---|---|---|
| Product: | [ROSA-based products] ROSA Fresh | Reporter: | FirstLevel <firstlevel> |
| Component: | Packages from Main | Assignee: | ROSA Linux Bugs <bugs> |
| Status: | RESOLVED FIXED | QA Contact: | ROSA Linux Bugs <bugs> |
| Severity: | normal | ||
| Priority: | Normal | CC: | alex.burmashev, alexander.petryakov, denis.silakov, djam5, r0g3r |
| Version: | Fresh | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Platform: | --- | ROSA Vulnerability identifier: | |
| RPM Package: | drakxtools-curses-14.34-2-rosa2012.1.x86_64 | ISO-related: | |
| Bad POT generating: | Upstream: | ||
| Bug Depends on: | |||
| Bug Blocks: | 2669 | ||
| Attachments: |
screenshot_053.png
screenshot_054.png screenshot_055.png Diagnostic information |
||
Created attachment 1173 [details]
screenshot_054.png
Created attachment 1174 [details]
screenshot_055.png
Created attachment 1175 [details]
Diagnostic information
Is there any coments from developers? A couple questions: 1. In which mode working AD domain? Mixed or Native? 2. Config file of Samba, plz (In reply to comment #5) > A couple questions: > > 1. In which mode working AD domain? Mixed or Native? > 2. Config file of Samba, plz 1. для drakauth это не имеет значения. там этого попросту нет. 2. cat /etc/samba/smb.conf [global] passdb backend = tdbsam winbind nss info = rfc2307 kerberos method = secrets only workgroup = realm = netbios name = security = ads encrypt passwords = Yes password server = * log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY os level = 0 local master = No dns proxy = No winbind uid = 10000-20000 winbind gid = 10000-20000 winbind separator = + template homedir = /home/%D/%U template shell = /bin/bash winbind enum groups = Yes winbind enum users = Yes winbind refresh tickets = true winbind offline logon = true winbind cache time = 1440 winbind use default domain = Yes это результат работы drakauth Is there any comments from developers? Подскажите, будут ли подвижки в этом вопросе? Или лучше сразу похоронить указанную утилиту и не вспоминать о ней? Проблема висит с февраля. Но ничего не изменилось. Комментариев нет. First of all. You don't provide any information about domain working mode. It's very important info, because in Native Mode AD changing encryption type during connection and drakauth need some fixes for working with this mode. In Native Mode, AD working in more restricted environment and have some limitations for clients which connected to AD. Хм. Ручная правка конфигурационного файла и команда net join -U admindomain решают проблему. Видимо ни каких специфичных вещей в домене нет. Какую дополнительную информацию необходимо предоставить? AD на базе W2k3 server. Все по стандартной схеме. Ни каких "фишек" не используется. This standard feature of Win2k3. When you deploy domain by dcpromo command, installation master asking you about domain working mode Mixed or Native. Unfortunately, in the current state Drakauth cant't detect this modes. You need to fix config file. So, can you say me what you fix in config file? This is easiest way to understand what problem in drakauth. все что я правлю это: workgroup = "название рабочей группы" realm = "название домена" netbios name = USERPC +> server string = USERPC Very interesting. We fixed this problem in ROSA LTS (Marathon). And drakauth correctly changing smb.conf. Hm-m-m... Can you show how you connect to domain by drakauth master? Screencast? Screeshots? Most interesting moment — when you fill three text fields in master. Oh, yes! What hostname you use _before_ connecting to domain? Localhost? (In reply to comment #13) > Very interesting. We fixed this problem in ROSA LTS (Marathon). And drakauth > correctly changing smb.conf. Hm-m-m... Can you show how you connect to > domain by drakauth master? Screencast? Screeshots? Most interesting moment — > when you fill three text fields in master. > > Oh, yes! What hostname you use _before_ connecting to domain? Localhost? Three text fields — this is mean: screen with AD name, DC and DNS name. И таки что? Я это и заполняю в полях формы мастера. Только результат работы мастера - пустой конфиг самбы и все. При чем здесь видеоуроки? Что за бред? Screenshot 054 this correct screen? And show me your real _fixed_ smb.conf, please. If not very problematic for you. Screencast != video lesson. :) This recording video of your actions on computer. скрин верный.
Какой смысл в записи моих действий? Вы попробуйте ввести в домен.
smb.conf fix handmade:
[global]
passdb backend = tdbsam
winbind nss info = rfc2307
kerberos method = secrets only
workgroup = aqualine
realm = aqualine.ru
netbios name = ORK-04
server string = ORK-04 (Holod)
security = ads
encrypt passwords = Yes
password server = *
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY
os level = 0
local master = No
dns proxy = No
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
template homedir = /home/%D/%U
template shell = /bin/bash
winbind enum groups = Yes
winbind enum users = Yes
winbind refresh tickets = true
winbind offline logon = true
winbind cache time = 1440
winbind use default domain = Yes
drakauthmade:
[global]
passdb backend = tdbsam
winbind nss info = rfc2307
kerberos method = secrets only
workgroup =
realm =
netbios name =
security = ads
encrypt passwords = Yes
password server = *
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY
os level = 0
local master = No
dns proxy = No
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
template homedir = /home/%D/%U
template shell = /bin/bash
winbind enum groups = Yes
winbind enum users = Yes
winbind refresh tickets = true
winbind offline logon = true
winbind cache time = 1440
winbind use default domain = Yes
Игра со значениями AD|DNS|DC в DA ни какой роли не имеют. Результат с любыми значениями точно такой же как указано выше. (In reply to comment #17) > скрин верный. > > Какой смысл в записи моих действий? Вы попробуйте ввести в домен. This is simply. I try to understand your sequence of actions that cause an error of generating correct smb.conf. We tested this master at some different domains, even on Windows 2008 R2. It worked without any problems in any configuration except Native mode, but plan fix it in the future. Do you test it on clean installation of ROSA 2012.1? Without config file editing or/and any actions before domain logon? Все действия выполняются на чистых свежеуствновленных машинах. Так как ни на одной, а их уже второй десяток пошел, менеджер не отработал верно, то это уже какая не какая но статистка. Поднял PDC на RELS 2012. Завел пользователей. Винда вводит машину в домен, drakauth точно также генерит неполный конфиг и не вводит машину в домен. Yep. I confirm bug and reproduce it. so, in near future we'll fix it. We fixed the problem. Please, Waiting update of drakx utils in near future. Что-то пока что нет в репозиториях Пока не пушили, завтра думаю сделаем. что-то завтра затянулось Да, и в самом деле... https://abf.rosalinux.ru/build_lists/1246884 https://abf.rosalinux.ru/build_lists/1246883 Проверил. Нареканий нет, работает как надо. Why case is solved if the packages with version 14.37.5 are not published? Where is the published (?) key ? The packages were published yesterday, just before closing the bug. For example, here is the new drakxtools: http://mirror.rosalab.ru/rosa/rosa2012.1/repository/x86_64/main/updates/drakxtools-14.37-5-rosa2012.1.x86_64.rpm Maybe the mirror you are using is out of sync? What does "urpmq --sources drakxtools" say (do not forget to run "urpmi.update updates" before launching that command)? (In reply to comment #30) > The packages were published yesterday, just before closing the bug. For > example, here is the new drakxtools: > > http://mirror.rosalab.ru/rosa/rosa2012.1/repository/x86_64/main/updates/ > drakxtools-14.37-5-rosa2012.1.x86_64.rpm > > Maybe the mirror you are using is out of sync? What does "urpmq --sources > drakxtools" say (do not forget to run "urpmi.update updates" before > launching that command)? [sergei@freshx32 ~]$ urpmq --sources drakxtools ftp://mirror.yandex.ru/rosa/rosa2012.1/repository/x86_64/media/main/release/drakxtools-14.34-2-rosa2012.1.x86_64.rpm [sergei@freshx32 ~]$ [root@freshx32 ~]# urpmi --auto-update источник «main (distrib1)» уже обновлён источник «contrib (distrib5)» уже обновлён источник «contrib updates (distrib6)» уже обновлён источник «non-free (distrib7)» уже обновлён источник «non-free updates (distrib8)» уже обновлён источник «restricted (distrib11)» уже обновлён источник «restricted updates (distrib12)» уже обновлён Пакеты находятся в актуальном состоянии [root@freshx32 ~]# (In reply to comment #31) > > [root@freshx32 ~]# urpmi --auto-update > источник «main (distrib1)» уже обновлён > источник «contrib (distrib5)» уже обновлён > источник «contrib updates (distrib6)» уже обновлён > [root@freshx32 ~]# ^^^ It seems that you don't have main/updates enabled. (In reply to comment #32) > (In reply to comment #31) > > > > [root@freshx32 ~]# urpmi --auto-update > > источник «main (distrib1)» уже обновлён > > источник «contrib (distrib5)» уже обновлён > > источник «contrib updates (distrib6)» уже обновлён > > [root@freshx32 ~]# > > ^^^ > It seems that you don't have main/updates enabled. Thanks. |
Created attachment 1172 [details] screenshot_053.png Description of problem: I have installed ROSA 2012.1 Fresh and tried to join my PC to windows 2003 domain. I have followed the master as You can see on attached screenshot. On the last step (screenshot_055.png) I see some id or symbolic code instead and domain for authentication is absent. After last step master is closed and nothing happens. I have attached some diagnostic information cat /etc/samba/smb.conf tail -f /var/log/messages while I set up domain authentication and wbinfo output Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3.