Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?

  1. #11
    Join Date
    May 2012
    Location
    Finland
    Posts
    2,222

    Default Re: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?

    If you run:
    sudo net ads info -S YOURADSERVERFQDN

    From bash, what does it say?
    .: miuku @ #opensuse @ irc.libera.chat

  2. #12

    Default Re: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?

    Code:
    #Leap 15.0 (AD joined - everything OK):
    
    LDAP server: "valid IP"
    LDAP server name: "valid FQDN of a DC" resolving to LDAP server IP
    Realm: "valid FQDN" of our domain (unique)
    Bind Path: dc=XXX,dc=YYY,dc=ZZZ (same as realm)
    LDAP port: 389
    Server time: Thu, 19 May 2022 19:58:08 CEST
    KDC server: "valid IP" (same as LDAP server)
    Server time offset: 0
    Last machine account password change: Thu, 19 May 2022 00:11:59 CEST
    Code:
    #Leap 15.1 (AD joined - everything OK):
    
    LDAP server: "valid IP" (different one, we have multiple DC)
    LDAP server name: "valid FQDN of a DC" resolving to LDAP server IP
    Realm: valid FQDN" of our domain (unique)
    Bind Path: dc=XXX,dc=YYY,dc=ZZZ (same as realm)
    LDAP port: 389
    Server time: Thu, 19 May 2022 20:02:37 CEST
    KDC server: "valid IP" (same as LDAP server)
    Server time offset: 0
    Last machine account password change: Thu, 19 May 2022 10:18:28 CEST
    Code:
    #Leap 15.2 (AD joined - mostly OK - some smb.conf tweaking after joining):
    
    LDAP server: "valid IP" (different one, we have multiple DC)
    LDAP server name: "valid FQDN of a DC" resolving to LDAP server IP
    Realm: "valid FQDN" of our domain (unique)
    Bind Path: dc=XXX,dc=YYY,dc=ZZZ (same as realm)
    LDAP port: 389
    Server time: Thu, 19 May 2022 20:03:17 CEST
    KDC server: "valid IP" (same as LDAP server)
    Server time offset: 0
    Last machine account password change: Thu, 19 May 2022 10:32:14 CEST
    Code:
    #Leap 15.3 (AD join fails):
    
    LDAP server: 0.0.0.0
    LDAP server name: (null)
    Realm: (null)
    Bind Path: (null)
    LDAP port: 0
    Server time: Thu, 19 May 2022 20:03:30 CEST
    KDC server: "valid IP" (same as LDAP server should be) - IP resolves to proper name with nslookup
    Server time offset: 0
    Last machine account password change: Thu, 01 Jan 1970 01:00:00 CET

  3. #13
    Join Date
    May 2012
    Location
    Finland
    Posts
    2,222

    Default Re: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?

    I think this is the bug;
    https://bugzilla.samba.org/show_bug.cgi?id=14674

    Looks like it works if the server has FSMO roles but fails if it doesn't.

    Can you try the 15.3 version against multiple DCs (the net ads info one)?
    .: miuku @ #opensuse @ irc.libera.chat

  4. #14

    Default Re: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?

    I think that is it!

    On Leap 15.1 I can run "net ads info -S DC.xxx.xxx.xxx" against all of our DCs and it gives proper results for all of them.
    Doing the same on Leap 15.3 I get _one_ usable result and all the other ones fail with the (null) pest. So the chances of getting the right one (round robin DNS) are rather slim.

    Thanks for sleuthing!

  5. #15

    Default Re: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?


  6. #16
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,991
    Blog Entries
    1

    Default Re: Joining a windows domain using YaST - fundamental changes since Leap 15.2 / .3 / .4 ?

    Quote Originally Posted by Miuku View Post
    I think this is the bug;
    https://bugzilla.samba.org/show_bug.cgi?id=14674

    Looks like it works if the server has FSMO roles but fails if it doesn't.
    Good catch. That looks like the issue!
    openSUSE Leap 15.3; KDE Plasma 5

Page 2 of 2 FirstFirst 12

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •