Zentyal Forum, Linux Small Business Server

Zentyal Server => Directory and Authentication => Topic started by: BrunovonTroba on November 28, 2015, 05:25:14 pm

Title: [SOLVED] Connect Zentyal 4.2 to Windows 2012 domain - problems with KDC
Post by: BrunovonTroba on November 28, 2015, 05:25:14 pm

I need urgent help
I'm trying to connect Zentyal 4.2 to existing 2012 domain (server 2012r2 with domain on 2012 level)
After first problems (netbios name was first part of FQDN - changed that with powershell) the only problem is kerberos authentication -
Error output: kinit: krb5_get_init_creds: unable to reach any KDC in realm PSSE.PL
I can ping psse.pl
I can telnet psse.pl port 88
help me please - what is wrong? Is there anthing i have to check on Windows DC/DNS?

Title: Re: Connect Zentyal 4.2 to Windows 2012 domain - problems with KDC
Post by: BrunovonTroba on December 01, 2015, 10:30:24 pm

first part of connection - found reasons of connections problems: during AD DS installation i have also installed DNS server, so AD during configuration did not wanted to configure properly DNS entries. Installation AD DS and domain promotion from clean and not installing DNS resulted in automatic DNS installation and configuration, so KERBEROS and LDAP works fine.

But have other problem:
ERROR(runtime): uncaught exception - DsAddEntry failed
I found it was a problem in samba 4.1 with connection to 2012 and 2012r2 in march-april this year. But Zentyal team says it works now with 2012 (not r2). So i have made 2012 functionality on 2012r2 server and still not works...

So... I have to degrade AD controler to level 2008R2
And everything went smooth
Waiting for 2012 and more - 2012R2 support.