I've successfully setup SAMBA AD following the guide at jimshaver.net and have been able to create all of my users without a problem. When I launch GCDS and attempt to test the LDAP connection via LDAP+SSL via port 636 I get the following error: *[2017-06-02 13:32:34,537] [SwingWorker-pool-1-thread-5] [DEBUG] [plugin.ldap.AbstractLdapHandler] javax.naming.AuthenticationException: [LDAP: error code 49 - Simple Bind Failed: NT_STATUS_LOGON_FAILURE]* *[2017-06-02 13:32:34,537] [SwingWorker-pool-1-thread-5] [ERROR] [plugin.ldap.AbstractLdapHandler] Failed to execute query because the object at Base DN: "OU=Test,DC=dc,DC=org" is missing or inaccessible.* *[2017-06-02 13:32:34,537] [SwingWorker-pool-1-thread-5] [DEBUG] [page.ldap.LdapTestConnectionWorker] RuntimeException in executeRule: Failed to execute query because the object at Base DN: "OU=Test,DC=dc,DC=org" is missing or inaccessible.* As a test I've enabled Anonymous browsing and the base dn of "dc=dc,dc=org" is able to be queried however, it still won't find any OU giving me the same error "is missing or inaccessible". I've reached out to Google but they were little help and seemed frustrated that I was attempting to use SAMBA4. Has anyone successfully used GCDS with Samba4 acting as AD? -- William Muller Technology Coordinator Greeneview Local Schools
On Fri, 2 Jun 2017 13:39:15 -0400 William Muller via samba <samba at lists.samba.org> wrote:> I've successfully setup SAMBA AD following the guide at jimshaver.net > and have been able to create all of my users without a problem. When > I launch GCDS and attempt to test the LDAP connection via LDAP+SSL > via port 636 I get the following error:Why didn't you follow the Samba wiki ? Not saying there is anything wrong with the howto you referred to, OK, I am a liar, there is lots wrong with it ;-) you don't need most of the first lot of packages, they are needed if you are going to compile Samba yourself. The howto uses ext4, so you don't need to modify /etc/fstab. [quote] We need to be certain that dc1 always resolves to localhost. [/quote] No you don't, it needs to resolv to the DCs ipaddress and FQDN, 127.0.1.1 should be removed. 'ntp' isn't setup correctly, no 'ntpsigndsocket' line and 'mssntp' isn't mentioned. He seems to be using '192.168.0.1' as the forwarder, not saying you cannot, but pound to a penny, that is his router and hence his gateway, probably better using something like '8.8.8.8' instead. There other things that you need to do, such as test various 'host' settings.> > *[2017-06-02 13:32:34,537] [SwingWorker-pool-1-thread-5] [DEBUG] > [plugin.ldap.AbstractLdapHandler] > javax.naming.AuthenticationException: [LDAP: error code 49 - Simple > Bind Failed: NT_STATUS_LOGON_FAILURE]* *[2017-06-02 13:32:34,537] > [SwingWorker-pool-1-thread-5] [ERROR] > [plugin.ldap.AbstractLdapHandler] Failed to execute query because the > object at Base DN: "OU=Test,DC=dc,DC=org" is missing or > inaccessible.* *[2017-06-02 13:32:34,537] > [SwingWorker-pool-1-thread-5] [DEBUG] > [page.ldap.LdapTestConnectionWorker] RuntimeException in executeRule: > Failed to execute query because the object at Base DN: > "OU=Test,DC=dc,DC=org" is missing or inaccessible.* > > As a test I've enabled Anonymous browsing and the base dn of > "dc=dc,dc=org" is able to be queried however, it still won't find any > OU giving me the same error "is missing or inaccessible". > > I've reached out to Google but they were little help and seemed > frustrated that I was attempting to use SAMBA4. > > Has anyone successfully used GCDS with Samba4 acting as AD? >Not sure if anybody has used GCDS, but have you actually created any 'OUs', there are none by default. Rowland
Yes I've used RSAT to create OUs and then populated them with users. On Fri, Jun 2, 2017 at 2:24 PM, Rowland Penny <rpenny at samba.org> wrote:> On Fri, 2 Jun 2017 13:39:15 -0400 > William Muller via samba <samba at lists.samba.org> wrote: > > > I've successfully setup SAMBA AD following the guide at jimshaver.net > > and have been able to create all of my users without a problem. When > > I launch GCDS and attempt to test the LDAP connection via LDAP+SSL > > via port 636 I get the following error: > > Why didn't you follow the Samba wiki ? > > Not saying there is anything wrong with the howto you referred to, OK, > I am a liar, there is lots wrong with it ;-) > > you don't need most of the first lot of packages, they are needed if > you are going to compile Samba yourself. > > The howto uses ext4, so you don't need to modify /etc/fstab. > > [quote] We need to be certain that dc1 always resolves to localhost. > [/quote] > > No you don't, it needs to resolv to the DCs ipaddress and FQDN, > 127.0.1.1 should be removed. > > 'ntp' isn't setup correctly, no 'ntpsigndsocket' line and 'mssntp' > isn't mentioned. > > He seems to be using '192.168.0.1' as the forwarder, not saying you > cannot, but pound to a penny, that is his router and hence his gateway, > probably better using something like '8.8.8.8' instead. > > There other things that you need to do, such as test various 'host' > settings. > > > > > > *[2017-06-02 13:32:34,537] [SwingWorker-pool-1-thread-5] [DEBUG] > > [plugin.ldap.AbstractLdapHandler] > > javax.naming.AuthenticationException: [LDAP: error code 49 - Simple > > Bind Failed: NT_STATUS_LOGON_FAILURE]* *[2017-06-02 13:32:34,537] > > [SwingWorker-pool-1-thread-5] [ERROR] > > [plugin.ldap.AbstractLdapHandler] Failed to execute query because the > > object at Base DN: "OU=Test,DC=dc,DC=org" is missing or > > inaccessible.* *[2017-06-02 13:32:34,537] > > [SwingWorker-pool-1-thread-5] [DEBUG] > > [page.ldap.LdapTestConnectionWorker] RuntimeException in executeRule: > > Failed to execute query because the object at Base DN: > > "OU=Test,DC=dc,DC=org" is missing or inaccessible.* > > > > As a test I've enabled Anonymous browsing and the base dn of > > "dc=dc,dc=org" is able to be queried however, it still won't find any > > OU giving me the same error "is missing or inaccessible". > > > > I've reached out to Google but they were little help and seemed > > frustrated that I was attempting to use SAMBA4. > > > > Has anyone successfully used GCDS with Samba4 acting as AD? > > > > Not sure if anybody has used GCDS, but have you actually created any > 'OUs', there are none by default. > > Rowland >-- William Muller Technology Coordinator Greeneview Local Schools