Author Topic: getting Synology box to join Zentyal domain  (Read 2096 times)

zippydan

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +1/-0
    • View Profile
getting Synology box to join Zentyal domain
« on: September 18, 2013, 05:08:02 am »
I got my Synology to synchronize with the Zentyal's LDAP server, but now I am trying something different.  I am trying to get my Synology to join with my Zentyal Domain Controller as if it were a Windows domain.

So far, I am getting the following error:

"
Failed to join the Windows domain. Please check your domain and firewall settings and try again. (kinit: Client not found in Kerberos database while getting initial credential)
"

I have checked my Domain Controller (Zentyal) and the firewall is definitely open to accept all incoming Kerberos requests on the local network.

I have also set my Synology box to use the DC as its NTP server.

Anyone have any ideas?

I am a little confused also by what is meant by "client" in this error message.  If it is referring to the user, then I am definitely using the correct user name and password.  If it is referring to the Synology box itself, then where in Zentyal can I define a new "client" or "computer"?  If that really is even the problem...

I tried looking in /var/log for any log file that might give me a hint about what is happening on the Zentyal side, but I was unsuccessful.  Can anyone tell me what log file I should be looking at on the Zentyal server?

from /var/log/messages on the Synology box:

Code: [Select]
systor-1 directory_service.cgi: wins_join1.c:518 krb5 login with ip failed
systor-1 directory_service.cgi: wins_join1.c:537 Use rpc join
systor-1 directory_service.cgi: wins_join1.c:547 rpc join: use NetBios name=MYCOMPANY
systor-1 directory_service.cgi: WININt4Join(594) rpc join failed
systor-1 directory_service.cgi: SYNOWinJoin1(998), Restore
systor-1 directory_service.cgi: directory_service.cpp:1113 szStatKey:WINIDoKrb5Login, szStatValue:kinit: Client not found in Kerberos database while getting initial credential
systor-1 directory_service.cgi: directory_service.cpp:1241 Failed to save domain/workgroup info.
systor-1 ntpdate: Sync with time server 172.18.1.25 offset 0.002330 sec.
systor-1 ntpdate: Sync with time server 172.18.1.25 offset -0.000218 sec.
systor-1 ntpdate: Sync with time server 172.18.1.25 offset -0.000759 sec.
systor-1 directory_service.cgi: directory_service.cpp:992 specify dc=172.18.1.25
systor-1 directory_service.cgi: directory_service.cpp:998 specify fqdn=ZENTYALSERV.INTERNAL.MYDOMAIN
systor-1 directory_service.cgi: directory_service.cpp:1005 specify netbios=MYCOMPANY
systor-1 directory_service.cgi: wins_join1.c:858 specify domain name=INTERNAL.MYDOMAIN
systor-1 directory_service.cgi: wins_join1.c:446 Use ads join
systor-1 directory_service.cgi: wins_join1.c:456 ads join: use FQDN=ZENTYALSERV.INTERNAL.MYDOMAIN
systor-1 directory_service.cgi: wins_search_ldap.c:38 lookup ldap fail,name=ZENTYALSERV.INTERNAL.MYDOMAIN
systor-1 directory_service.cgi: wins_join1.c:474 ads join: dc ip failed
systor-1 directory_service.cgi: wins_join1.c:479 ads join: use domain netbios name=MYCOMPANY
systor-1 ntpdate: Sync with time server 172.18.1.25 offset -0.001343 sec.
systor-1 ntpdate: Sync with time server 172.18.1.25 offset -0.000127 sec.
systor-1 directory_service.cgi: wins_do_krb5login.c:84 kinit failed kinit: Client not found in Kerberos database while getting initial credential
systor-1 directory_service.cgi: wins_join1.c:518 krb5 login with ip failed
systor-1 directory_service.cgi: wins_join1.c:537 Use rpc join
systor-1 directory_service.cgi: wins_join1.c:547 rpc join: use NetBios name=MYCOMPANY
systor-1 directory_service.cgi: WININt4Join(594) rpc join failed
systor-1 directory_service.cgi: SYNOWinJoin1(998), Restore
systor-1 directory_service.cgi: directory_service.cpp:1113 szStatKey:WINIDoKrb5Login, szStatValue:kinit: Client not found in Kerberos database while getting initial credential
systor-1 directory_service.cgi: directory_service.cpp:1241 Failed to save domain/workgroup info.
« Last Edit: September 18, 2013, 01:36:29 pm by zippydan »

christian

  • Guest
Re: getting Synology box to join Zentyal domain
« Reply #1 on: September 19, 2013, 06:50:26 am »
This basically means that you try to join Samba 4 domain which expects Kerberos authentication but your client (here Synology server) is not found is the Kerberos repository. No match...

fedotov_andrey

  • Zen Warrior
  • ***
  • Posts: 199
  • Karma: +16/-0
  • zentyal.su
    • View Profile
Re: getting Synology box to join Zentyal domain
« Reply #2 on: December 09, 2013, 10:33:41 am »
How to solve the problem?