Author Topic: trying to get Zentyal Additional Domain Controller to join Zentyal DC  (Read 4857 times)

zippydan

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +1/-0
    • View Profile
I am following this guide http://trac.zentyal.org/wiki/Documentation/Community/Document/MultipleZentyal to try and get my Zentyal box to join with another Zentyal box running as the Domain Controller.  Everything seems to be working fine, except that I am getting a frustratingly simple error when I try to start the File Sharing service from the Dashboard:

Could not bind to AD LDAP server (Simple Bind Failed: NT_STATUS_LOGON_FAILURE).Please check the supplied credentials.

This seems like a simple case of wrong username or password.  But I am 100% sure that I am using the right username and password (spelling, capitalization, everything), the user exists on the primary Domain Controller, and the user is a member of the "Domain Admins" group on the primary Domain Controller.  I'm thinking there may be an issue with the formatting of the File Sharing login information (for example, I have tried "Username", "Username@domain.com" and "domain.com\Username" as the login info), but I still get the same error.  Can anyone give me a clue?

christian

  • Guest
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #1 on: September 20, 2013, 07:53:30 am »
Could not bind to AD LDAP server (Simple Bind Failed: NT_STATUS_LOGON_FAILURE).Please check the supplied credentials.

How do you try to achieve this?
This looks like you try to bind against LDAP at port 389 while standard bind (I mean without GSSAPI / Kerberos should be rather done against port 390.

Lonniebiz

  • Zen Samurai
  • ****
  • Posts: 320
  • Karma: +24/-2
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #2 on: September 20, 2013, 07:32:57 pm »
I had similar troubles; maybe something in my thread will help:
http://forum.zentyal.org/index.php?topic=15437.0

zippydan

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #3 on: September 21, 2013, 04:39:12 am »
Could not bind to AD LDAP server (Simple Bind Failed: NT_STATUS_LOGON_FAILURE).Please check the supplied credentials.

How do you try to achieve this?
This looks like you try to bind against LDAP at port 389 while standard bind (I mean without GSSAPI / Kerberos should be rather done against port 390.

I'm using the Zentyal WebUI and all the servers are Zentyal...  where should I change the port?

I thought Samba4 does run on port 389, and since I am trying to join using the File Sharing module (I have disabled the Master/Slave link which I believe is LDAP based), is not port 389 the correct one?  I had to use port 390 when I was trying to get LDAP authentication, but I abandoned that path.  I'm pretty sure I am trying to login with kerberos :)
« Last Edit: September 22, 2013, 03:20:06 am by zippydan »

ProNetic.dk

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #4 on: September 21, 2013, 08:05:11 am »
I have the same problem. Using the option under File sharing module.
Best Regards
Dan Nimand Gaardbo
CEO
ProNetic
www.pronetic.dk

christian

  • Guest
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #5 on: September 21, 2013, 09:53:36 am »
So I misunderstood, as usual  :-[, what you described first.
Let me rephrase, just to be sure.

You have installed one Zentyal server as domain controller then deploy second Zentyal server on which LDAP master/slave is NOT enabled because you want this server to join "Samba domain" as secondary controller and when you set this you get this error, is that correct ?
Reading your post, I thought it was rather related to end-user trying to connect not using Windows Gina but rather LDAP based stuff  :-[
I'm confused. Sorry...

zippydan

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #6 on: September 22, 2013, 03:21:52 am »
You have installed one Zentyal server as domain controller then deploy second Zentyal server on which LDAP master/slave is NOT enabled because you want this server to join "Samba domain" as secondary controller and when you set this you get this error, is that correct ?

yes, you understand exactly now :)

zippydan

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #7 on: September 23, 2013, 05:54:05 pm »
soooooo ... can anyone help with this?

ProNetic.dk

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #8 on: September 24, 2013, 09:00:13 am »
I got it working. I had to disable the modules on the new installed Zentyal 3.2 server and also delete the modules, and then reinstall it, then it worked.
Best Regards
Dan Nimand Gaardbo
CEO
ProNetic
www.pronetic.dk

zippydan

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #9 on: September 26, 2013, 01:29:25 am »
which modules did you disable and delete and then reinstall?

ProNetic.dk

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +1/-0
    • View Profile
Re: trying to get Zentyal Additional Domain Controller to join Zentyal DC
« Reply #10 on: September 27, 2013, 11:55:30 am »
File sharing and users & groups.
Best Regards
Dan Nimand Gaardbo
CEO
ProNetic
www.pronetic.dk