Join linux client to samba domain

I've followed instructions regarding integration with Active Directory on wiki and successfully joined to the domain. wbinfo gives the list of users and groups and everything works as expected. Users can log in but nm-applet doesn't work. My log is:
Feb 01 17:14:12 localhost lxdm-session[10923]: pam_unix(lxdm:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=user5
Feb 01 17:14:13 localhost lxdm-session[10923]: pam_unix(lxdm:session): session opened for user user5 by (uid=0)
Feb 01 17:14:13 localhost kernel: lxpolkit[10968]: segfault at 8 ip 080497f1 sp bfc14e40 error 4 in lxpolkit[8048000+3000]
Feb 01 17:14:13 localhost systemd-coredump[10979]: Process 10968 (lxpolkit) dumped core.
Feb 01 17:14:14 localhost dbus-daemon[172]: dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:15 localhost dbus-daemon[172]: dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.NetworkManager.Settings.Connection" member="GetSettings" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:15 localhost dbus-daemon[172]: dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.NetworkManager.Settings.Connection" member="GetSettings" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:14 localhost dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:14 localhost dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.NetworkManager.Settings.Connection" member="GetSettings" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:14 localhost dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.NetworkManager.Settings.Connection" member="GetSettings" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
/etc/pam.d/system-auth
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so try_first_pass nullok
auth required pam_winbind.so use_first_pass use_authtok
auth optional pam_permit.so
account sufficient pam_unix.so
account sufficient pam_winbind.so use_first_pass use_authtok
account optional pam_permit.so
account required pam_time.so
password sufficient pam_unix.so try_first_pass nullok sha512 shadow
password sufficient pam_winbind.so use_first_pass use_authtok
password optional pam_permit.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required pam_limits.so
session required pam_env.so
session sufficient pam_unix.so
session sufficient pam_winbind.so use_first_pass use_authtok
session optional pam_permit.so
/etc/samba/smb.conf
security = domain
netbios name = myarchlinux
workgroup = DOMSMB
winbind use default domain = yes
template shell = /bin/bash
template homedir = /home/%D/%U
domain master = no
winbind enum users = yes
winbind enum groups = yes
add machine script = /usr/sbin/useradd -s /bin/false -g 515 -M %u
encrypt passwords = yes
disable spoolss = yes
winbind separator = +
idmap config *:range = 70001-80000
idmap config *:backend = tdb
join command:
net rpc join -U root
lxde desktop
Can you help me?
Last edited by ReiserFS (2014-02-03 18:43:44)
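A triage helper for the journal output in the post above, as an added example that is not part of the original post: it groups the "Rejected send message" lines by caller and marks callers whose uid lies inside the winbind idmap range from the posted smb.conf. The function names are hypothetical, and the last sample log line (uid=1000) is constructed for contrast.

```python
import re
from collections import Counter

# Lines 1-4 are copied from the post; the last line is CONSTRUCTED (local uid 1000)
# to show how a non-domain caller is reported.
SAMPLE_LOG = """\
Feb 01 17:14:13 localhost lxdm-session[10923]: pam_unix(lxdm:session): session opened for user user5 by (uid=0)
Feb 01 17:14:14 localhost dbus-daemon[172]: dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:15 localhost dbus-daemon[172]: dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.NetworkManager.Settings.Connection" member="GetSettings" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:14:14 localhost dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.295" (uid=70006 pid=10965 comm="nm-applet ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
Feb 01 17:20:00 localhost dbus[172]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.300" (uid=1000 pid=11000 comm="nm-applet ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=170 comm="/usr/bin/NetworkManager --no-daemon ")
"""

# The two idmap lines from the posted smb.conf.
SAMPLE_SMB_CONF = """\
idmap config *:range = 70001-80000
idmap config *:backend = tdb
"""

# One dbus-daemon rejection: caller (uid/pid/comm), the call, and the destination.
REJECT_RE = re.compile(
    r'Rejected send message, (?P<rules>\d+) matched rules; '
    r'type="(?P<type>[^"]*)", sender="(?P<sender>[^"]*)" '
    r'\(uid=(?P<uid>\d+) pid=(?P<pid>\d+) comm="(?P<comm>[^"]*)"\) '
    r'interface="(?P<interface>[^"]*)" member="(?P<member>[^"]*)" '
    r'.*?destination="(?P<destination>[^"]*)" '
    r'\(uid=(?P<dest_uid>\d+) pid=(?P<dest_pid>\d+) comm="(?P<dest_comm>[^"]*)"\)'
)

# "idmap config <domain>:range = <low>-<high>"
IDMAP_RE = re.compile(
    r'^\s*idmap config\s+([^:\s]+)\s*:\s*range\s*=\s*(\d+)\s*-\s*(\d+)', re.M
)


def idmap_ranges(smb_conf):
    """Return {domain: (low, high)} for every idmap range line in smb.conf."""
    return {m.group(1): (int(m.group(2)), int(m.group(3)))
            for m in IDMAP_RE.finditer(smb_conf)}


def parse_rejections(log_text):
    """Return one dict per rejection line; every other log line is skipped."""
    records = []
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if not m:
            continue
        rec = m.groupdict()
        for key in ("uid", "pid", "dest_uid", "dest_pid", "rules"):
            rec[key] = int(rec[key])
        rec["comm"] = rec["comm"].strip()          # dbus pads comm with a space
        rec["dest_comm"] = rec["dest_comm"].strip()
        records.append(rec)
    return records


def summarize(log_text, smb_conf):
    """Group rejections by (caller uid, comm, interface, member) and tag each
    group with the idmap domain whose range contains the caller uid, if any."""
    ranges = idmap_ranges(smb_conf)
    counts = Counter(
        (r["uid"], r["comm"], r["interface"], r["member"], r["destination"])
        for r in parse_rejections(log_text)
    )
    rows = []
    for (uid, comm, iface, member, dest), n in counts.most_common():
        domain = next((d for d, (lo, hi) in ranges.items() if lo <= uid <= hi), None)
        rows.append({"uid": uid, "comm": comm, "interface": iface,
                     "member": member, "destination": dest,
                     "idmap_domain": domain, "count": n})
    return rows


if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG, SAMPLE_SMB_CONF):
        origin = (f"winbind idmap '{row['idmap_domain']}'"
                  if row["idmap_domain"] else "outside idmap ranges")
        print(f"{row['count']}x uid={row['uid']} ({origin}) {row['comm']} -> "
              f"{row['destination']} {row['interface']}.{row['member']}")
```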

karol wrote:
When posting configs, code or command output, please use [ code ] tags, not [ quote ] tags https://bbs.archlinux.org/help.php#bbcode
like this
It makes the code more readable and - in case of longer listings - more convenient to scroll through.
OK. Thank you

Similar Messages

  • Unable to join the client machine into domain in low bandwidth 16kbps

    Hi,
    I'm unable to join the client machine into domain which is in low bandwidth 16 kbps, but I am able to join other machine into domain which is having
    more bandwidth. Please help me on this issue.

    Depending on the version of your domain, you could try an offline join.
    http://technet.microsoft.com/en-us/library/offline-domain-join-djoin-step-by-step(v=WS.10).aspx
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security, BS CSci
    2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
    Please no e-mails, any questions should be posted in the NewsGroup.
    This posting is provided AS IS with no warranties, and confers no rights.
    I would say that it depends on the client OS (Windows 7 or Windows 8) if offline domain join could be used or not, not that much regarding the level of the domain, you can always use the
    /downlevel switch to target a DC running Windows Server 2003 for example.
    Enfo Zipper
    Christoffer Andersson – Principal Advisor
    http://blogs.chrisse.se - Directory Services Blog

  • Domain Join between Client Network and RODC Network

    Hi there
    I have the following Network Setup (all Servers are 2008 R2 with SP)
    If I try to join the DB Server to our Domain via offline Join (DJOIN) everything is working fine.
    But if I try to join the Clients to our Domain, the login fails with the message "no authentification servers available"
    I also checked the network logs via Wireshark and I found this
    CLIENT -> RODC DNS 97 Standard query 0xea67  SRV _kerberos._tcp.dc._msdcs.Domäne
    RODC -> CLIENT DNS 200 Standard query response 0xea67  SRV 0 100 88 DC2.DOMÄNE SRV 0 100 88 DC.DOMÄNE
    After that the client seems to try to reach our DC via CLDAP (which is not allowed on the firewall)
    CLIENT -> DC CLDAP 207 searchRequest(6987) "<ROOT>" baseObject
    Is that normal? I thought the clients only need a connection to the RODC Server, and the RODC Server is going to make the LDAP Connection to the DCs.

    Hi,
    Firstly check if the Subnet of client is associated to correct Site. After that you can create an entry in Registry of client so that it can go to that particular site of RODC.
    Navigate to: HKLM\System\CurrentControlSet\Services\Netlogon\Parameters
    String Value: SiteName and mention the site name of the RODC server.

  • Trying to learn how to setup Linux Domain with Linux client

    Okay I know I might get some problems for this, but I am trying to setup a ubuntu based server (domain), with an arch based client.  I am having a hard time getting the two to cooperate and working with centralized passwords and roaming profiles.  I am a real newbie when it comes to linux, much less samba server.  This is where I chose to start off since I do have an interest in networking,

    Welcome to the forums.
    We can't help you with the Ubuntu side of things obviously, but I think you might get some useful info from the Samba Wiki article.

  • Joining Windows client to Leopard PDC domain

    Leopard Server 10.5.2 providing OD, AD PDC, DHCP, DNS, AFP, SMB all on and "running"
    XServe Intel
    Mainly Windows XP clients but also some OS X clients
    I am trying to set up a Leopard server to host a domain on our internal company LAN. I have followed the tutorials in "Mac OS X Server Essentials 10.5" and also referred to the "Open Directory Admin Guide" as well as the "Network Services Admin Guide" and am stuck in a few places.
    One issue I am having is trying to join an XP client to the domain so that I can use account login and home folder access which is on the Leopard server. My 10.5 client machine can login and access the home folder fine but when I try to join the XP machine I get the following error on the PC:
    "A domain controller for the domain mycompany.com could not be contacted. Ensure that the domain name is typed correctly."
    I then click on Details and get the following:
    "The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain mycompany.com:
    The error was "DNS name does not exist."
    (error code 0x0000232B RCODENAMEERROR)
    The query was for the SRV record for ldap._tcp.dc.msdcs.mycompany.com"
    DHCP seems to be handing out IP addresses fine but does not hand out LDAP info. e.g. My Leopard client cannot get the LDAP via DHCP even though this is configured (according to the "Essentials" book) in the Directory Utility, it will only see the Domain controller/LDAP if I manually enter the info into its Directory Utility. I'm wondering if this has something to do with PC not finding the domain?
    What concerns me is the lack of configuration in DNS - so far I have only set up a primary zone for the domain mycompany.com with the correct primary zone name: mycompany.com. and nameserver: xserve1.mycompany.com. as well as a machine record within the zone for the server, machine name: xserve1 and IP address: 192.168.0.1 (the relevant reverse info is ok)
    I have seen some discussions online that indicate I need to enter more DNS info e.g. an LDAP service record etc. but there is no mention of this in the Directory admin manual under setting up a PDC. Is this true and if so can anyone advise me as to how to enter these in Server Admin?
    I am a complete beginner to server admin and command line tools but would really appreciate any help in the matter!
    Thanks

    Hi Leif - thanks for the reply,
    Maybe "broadcasting" in terms of the DHCP response was the wrong word for me to use but I see what you are saying...
    I have tried this Terminal command and got the following but can't see any reference to NetBIOS/WINS server address, just the scope and node info I currently have set. The WINS/SMB server is on the same xserve unit (192.168.0.1) and have tried joining with no scope and node settings as well as node type=H.)
    ipconfig getpacket en0
    op = BOOTREPLY
    htype = 1
    flags = 0
    hlen = 6
    hops = 0
    xid = 1499456152
    secs = 0
    ciaddr = 0.0.0.0
    yiaddr = 192.168.0.33
    siaddr = 192.168.0.1
    giaddr = 0.0.0.0
    chaddr = 0:17:f2:31:65:4a
    sname = xserve1.MYCOMPANY.com
    file =
    options:
    Options count is 12
    dhcpmessagetype (uint8): ACK 0x5
    server_identifier (ip): 192.168.0.1
    lease_time (uint32): 0x14e20
    subnet_mask (ip): 255.255.255.0
    router (ip_mult): {192.168.0.1}
    domainnameserver (ip_mult): {192.168.0.1}
    domain_name (string): MYCOMPANY.com
    domain_search (dns_namelist): {MYCOMPANY.com}
    ldap_url (string): ldap://xserve1.MYCOMPANY.com/dc=xserve1,dc=MYCOMPANY,dc=com
    nbover_tcpip_nodetype (uint8): 0x8
    nbover_tcpipscope (string): MYCOMPANY
    end (none):
    I used Wireshark on the PC client machine and got the following. Note that the DHCP Offer packet contains no option 44 (which AFAIK is what identifies the WINS server to clients) so the DHCP is not sending the address out.
    No. Time Source Destination Protocol Info
    3 2.996281 192.168.0.1 192.168.0.31 DHCP DHCP Offer - Transaction ID 0x2a7dee67
    Frame 3 (342 bytes on wire, 342 bytes captured)
    Ethernet II, Src: Apple_f2:03:08 (00:1e:52:f2:03:08), Dst: Micro-St_ff:86:a2 (00:10:dc:ff:86:a2)
    Internet Protocol, Src: 192.168.0.1 (192.168.0.1), Dst: 192.168.0.31 (192.168.0.31)
    User Datagram Protocol, Src Port: bootps (67), Dst Port: bootpc (68)
    Bootstrap Protocol
    Message type: Boot Reply (2)
    Hardware type: Ethernet
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x2a7dee67
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0 (0.0.0.0)
    Your (client) IP address: 192.168.0.31 (192.168.0.31)
    Next server IP address: 192.168.0.1 (192.168.0.1)
    Relay agent IP address: 0.0.0.0 (0.0.0.0)
    Client MAC address: Micro-St_ff:86:a2 (00:10:dc:ff:86:a2)
    Server host name: xserve1.MYCOMPANY.com
    Boot file name not given
    Magic cookie: (OK)
    Option: (t=53,l=1) DHCP Message Type = DHCP Offer
    Option: (53) DHCP Message Type
    Length: 1
    Value: 02
    Option: (t=54,l=4) Server Identifier = 192.168.0.1
    Option: (54) Server Identifier
    Length: 4
    Value: C0A80001
    Option: (t=51,l=4) IP Address Lease Time = 59 minutes, 24 seconds
    Option: (51) IP Address Lease Time
    Length: 4
    Value: 00000DEC
    Option: (t=1,l=4) Subnet Mask = 255.255.255.0
    Option: (1) Subnet Mask
    Length: 4
    Value: FFFFFF00
    Option: (t=15,l=13) Domain Name = "MYCOMPANY.com"
    Option: (15) Domain Name
    Length: 13
    Value: 64656C616E656C65612E636F6D
    Option: (t=3,l=4) Router = 192.168.0.1
    Option: (3) Router
    Length: 4
    Value: C0A80001
    Option: (t=6,l=4) Domain Name Server = 192.168.0.1
    Option: (6) Domain Name Server
    Length: 4
    Value: C0A80001
    Option: (t=46,l=1) NetBIOS over TCP/IP Node Type = B-node
    Option: (46) NetBIOS over TCP/IP Node Type
    Length: 1
    Value: 01
    End Option
    Padding
    I also looked at what happens at the point when I try to join the PC to the domain with and without the WINS server IP address manually entered on the PC's network settings:
    Manual WINS setting communications:
    2 17.727677 192.168.0.31 192.168.0.1 DNS Standard query SRV ldap._tcp.dc.msdcs.MYCOMPANY.com
    Domain Name System (query)
    3 17.728106 192.168.0.1 192.168.0.31 DNS Standard query response, No such name
    Domain Name System (response)
    4 17.733483 192.168.0.31 192.168.0.1 NBNS Name query NB MYCOMPANY.COM<1c>
    NetBIOS Name Service
    5 17.733833 192.168.0.1 192.168.0.31 NBNS Name query response NB 192.168.0.1
    NetBIOS Name Service
    DHCP-reliant WINS configuration communications:
    1 0.000000 192.168.0.31 192.168.0.1 DNS Standard query SRV ldap._tcp.dc.msdcs.MYCOMPANY.com
    Domain Name System (query)
    2 0.000396 192.168.0.1 192.168.0.31 DNS Standard query response, No such name
    Domain Name System (response)
    3 0.000729 192.168.0.31 192.168.0.255 NBNS Name query NB MYCOMPANY.COM<1c>
    NetBIOS Name Service
    4 0.740454 192.168.0.31 192.168.0.255 NBNS Name query NB MYCOMPANY.COM<1c>
    NetBIOS Name Service
    5 1.490399 192.168.0.31 192.168.0.255 NBNS Name query NB MYCOMPANY.COM<1c>
    NetBIOS Name Service
    If anyone has any ideas...
    Thanks
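The check described in the post above (a DHCP Offer that carries option 46 but no option 44), as an added example that is not part of the original post: a parser for the DHCP options field, run over an Offer rebuilt from the option values shown in the dissection. The helper names and the second Offer (option 44 present, node type H) are constructed for illustration.

```python
import ipaddress

MAGIC_COOKIE = bytes.fromhex("63825363")   # marks the start of the options field
OPT_PAD, OPT_END = 0, 255
OPT_WINS, OPT_NODE_TYPE, OPT_LEASE, OPT_MSG_TYPE = 44, 46, 51, 53

# RFC 2132 value tables for options 46 and 53.
NODE_TYPES = {0x1: "B-node", 0x2: "P-node", 0x4: "M-node", 0x8: "H-node"}
MSG_TYPES = {1: "Discover", 2: "Offer", 3: "Request", 5: "ACK", 6: "NAK"}


def tlv(code, value):
    """Encode one option as code, length, value."""
    return bytes([code, len(value)]) + value


def build_offer_options(extra=b"", node_type=0x1):
    """CONSTRUCTED options field using the values from the Wireshark dissection
    in the post (domain name as displayed there). 'extra' appends more options."""
    server = ipaddress.IPv4Address("192.168.0.1").packed
    return (MAGIC_COOKIE
            + tlv(53, b"\x02")                      # DHCP Message Type = Offer
            + tlv(54, server)                       # Server Identifier
            + tlv(51, bytes.fromhex("00000DEC"))    # Lease Time
            + tlv(1, bytes.fromhex("FFFFFF00"))     # Subnet Mask
            + tlv(15, b"MYCOMPANY.com")             # Domain Name
            + tlv(3, server)                        # Router
            + tlv(6, server)                        # Domain Name Server
            + tlv(46, bytes([node_type]))           # NetBIOS node type
            + extra
            + bytes([OPT_END]) + b"\x00" * 8)       # End option, then padding


def parse_options(data):
    """Return {option code: value bytes}. Raises ValueError on a bad cookie or a
    truncated option instead of reading past the end of the buffer."""
    if data[:4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 4
    while i < len(data):
        code = data[i]
        if code == OPT_PAD:
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 1 >= len(data):
            raise ValueError(f"option {code}: length byte missing")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code}: truncated value")
        # A repeated code is a split option: concatenate the parts (RFC 3396).
        opts[code] = opts.get(code, b"") + value
        i += 2 + length
    return opts


def assess_netbios(opts):
    """Summarise what the lease tells a client about NetBIOS name resolution."""
    wins_raw = opts.get(OPT_WINS, b"")
    if len(wins_raw) % 4:
        raise ValueError("option 44 length is not a multiple of 4")
    wins = [str(ipaddress.IPv4Address(wins_raw[i:i + 4]))
            for i in range(0, len(wins_raw), 4)]
    node = opts.get(OPT_NODE_TYPE)
    node_name = NODE_TYPES.get(node[0], "unknown") if node else "not sent"
    msg = opts.get(OPT_MSG_TYPE)
    lease = opts.get(OPT_LEASE)
    return {
        "message_type": MSG_TYPES.get(msg[0], "unknown") if msg else None,
        "lease_seconds": int.from_bytes(lease, "big") if lease else None,
        "node_type": node_name,
        "wins_servers": wins,
        # No name server to ask, or a node type that never asks one.
        "broadcast_only": not wins or node_name == "B-node",
    }


if __name__ == "__main__":
    wins_opt = tlv(OPT_WINS, ipaddress.IPv4Address("192.168.0.1").packed)
    for label, raw in (("offer as captured", build_offer_options()),
                       ("offer with option 44", build_offer_options(wins_opt, 0x8))):
        print(label, assess_netbios(parse_options(raw)))
```

With the captured values the result is `broadcast_only: True`, which matches the NBNS queries to 192.168.0.255 in the DHCP-reliant capture.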

  • Windows 2012 R2 ADRMS domain controller version and Non-domain-joined Mac Client with outlook 2011

    Hi,
    What is the AD version for Windows 2012R2 ADRMS?  Is it possible to have Windows 2003 R2 DC with Windows 2012R2 ADRMS?
    Any installation guide Non-domain-joined Mac Client with outlook 2011?
    What is the SQL version for Windows 2012R2 ADRMS?
    Please advise.  Thanks.
    Kelvin Teang

    Hi Kelvin -
    There is no RMS Client for Macs.  That functionality is actually provided through the Office for Mac application (this is different compared to the PC).  Domain-joined clients will autodiscover the RMS server and should be able to create and consume
    protected content.  Non-domain-joined clients cannot automatically discover their RMS server.  In this scenario, prepare a protected document or email from a domain-joined machine and send it to your non-domain-joined users.  They will open
    the document or email up and the URLs contained in the publishing license of the document will direct them to the correct RMS server. 
    I hope that helps!
    Micah LaNasa
    Synergy Advisors
    synergyadvisors.biz

  • Print services and linux clients

    Hi,
    I'm installing a Windows Server 2012R2 as a printer server. It must give support to all kind of clients (windows, os x and linux).
    Then, I must use event id 307 and 805 to count printed pages.
    My question is related with event 307 and linux clients. I'm asking linux users to configure their CUPS to connect using samba printer, for example, \\server\printer001 but when I check event id, I get no file name (Remote Downlevel Document), and most important,
    I get 0 printed pages in param8. I did some testing using IPP, but I was not able to configure a printer in linux (couldn't manage to make linux clients to validate with their domain user account when using IPP). I tried configuring printer on server to render
    jobs in server with no luck. Tried PS drivers just in case it was easier to CUPS to send info to server, but no luck either.
    So, basically, is there any way to configure server (or linux client) so I get page count in event 307 in printservice? If I must configure IPP printing, how may clients configure their printers to validate using domain accounts?
    Thanks!

    Hi,
    Sorry for delaying in reply.
    Linux clients see page count. I've paused printing and checked some documents. Property page from a linux client document shows as this:
    Documents sent from windows clients show same but they've document name and page count.
    SPL archive copied from spooler printer on Windows server shows that info is present too:
    %!PS-Adobe-3.0
    %%Creator: cairo 1.9.5 (http://cairographics.org)
    %%CreationDate: Thu Jun 19 14:15:48 2014
    %%DocumentData: Clean7Bit
    %%LanguageLevel: 2
    %%DocumentMedia: Letter 612 792 0 () ()
    %%Orientation: Portrait
    %%For: (testuser)
    %%Title: (Phaser 5500 Descarga del archivo)
    %RBINumCopies: 1
    %%Pages: (atend)
    %%BoundingBox: (atend)
    %%EndComments
    %%BeginProlog
    %%BeginFeature: *JobPatchFile 1
    % Default Definitions
    userdict /xerox$pagedevice <<
    /MediaClass null
    /MediaPosition null
    /PageSize [612 792]
    /TraySwitch true
    /ManualFeed false
    /ImagingBBox null
    /ProcessColorModel /DeviceGray
    /DeviceRenderingInfo currentpagedevice 1 index get 1 dict copy
    /PostRenderingEnhance false
    /Install {
    xerox$old_install xerox$flip {
    currentpagedevice /PageSize get aload pop translate 180 rotate
    } if
    >> put
    <--- snip snip REMOVED FOR SIMPLICITY snip snip ------>
    showpage
    %%Trailer
    %%Pages: 1
    %%BoundingBox: 0 0 612 792
    %%EOF
    Linux client used official PPD file downloaded from xerox webpage for linux
    cups. Windows server uses Xerox Global Print Driver PS 5347.600.0.0 type 3 with
    Render print jobs on client computers as suggested by Alan before.
    Any other idea?

  • Centos Linux Client Help Needed

    Hi,
    Does anyone have a clear guide to setting up Centos Linux clients to use the same home folders and authentication as mac and MS Windows clients on Tiger Server please.
    I have tried the LDAP tool in centos and put dc=myserver,dc=mydomain,dc=co,dc=uk in but it doesn't seem to authenticate at all, is there some other settings server side or some cn= parts I may need to add to the LDAP settings. If there is where's the best place to obtain that info from the server?
    I really would like this to be possible so I can replace the classroom windows machines with a thin client centos solution.
    Many thanks

    PsyMan wrote:
    Hi,
    Does anyone have a clear guide to setting up Centos Linux clients to use the same home folders and authentication as mac and MS Windows clients on Tiger Server please.
    I have tried the LDAP tool in centos and put dc=myserver,dc=mydomain,dc=co,dc=uk in but it doesn't seem to authenticate at all, is there some other settings server side or some cn= parts I may need to add to the LDAP settings. If there is where's the best place to obtain that info from the server?
    I really would like this to be possible so I can replace the classroom windows machines with a thin client centos solution.
    Many thanks
    Hi Psyman,
    we have a couple of servers running CentOS and authenticating their users against OD. Homes are mounted via nfs, though it shouldn't be a problem to do it via samba.
    We have the client side as well the server side documented quite well I'd say, in a crude mixture of English and German though.
    Should you be interested in the whole thing or need help, mail me, fke at kesslernetworks dot de
    Regards, Florian
    Here's the extract of what we do -via script- to our servers to 'join' them...
    cat << EOF > /etc/krb5.conf
    [logging]
    default = FILE:/var/log/krb5libs.log
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmind.log
    [libdefaults]
    default_realm = OEW.DE
    dns_lookup_realm = false
    dns_lookup_kdc = false
    [realms]
    OEW.DE = {
    kdc = od1.oew.de:88
    admin_server = od1.oew.de:749
    default_domain = od1.oew.de
    }
    [domain_realm]
    .od1.oew.de = OEW.DE
    od1.oew.de = OEW.DE
    [kdc]
    profile = /var/kerberos/krb5kdc/kdc.conf
    [appdefaults]
    pam = {
    debug = false
    ticket_lifetime = 36000
    renew_lifetime = 36000
    forwardable = true
    krb4_convert = false
    }
    EOF
    cat << EOF > /etc/krb.conf
    OEW.DE
    OEW.DE od1.oew.de
    OEW.DE od1.oew.de admin server
    EOF
    cat << EOF > /etc/nsswitch.conf
    passwd: files ldap
    shadow: files ldap
    group: files ldap
    hosts: files dns
    bootparams: files
    ethers: files
    netmasks: files
    networks: files
    protocols: files ldap
    rpc: files
    services: files ldap
    netgroup: files ldap
    publickey: files
    automount: files ldap
    aliases: files
    EOF
    cat << EOF > /etc/ldap.conf
    host od1.oew.de
    base cn=users,dc=oew,dc=de
    nss_base_group cn=groups,dc=oew,dc=de
    timelimit 120
    bind_timelimit 120
    idle_timelimit 3600
    ssl no
    tls_cacertdir /etc/openldap/cacerts
    pam_password md5
    EOF
    cat << EOF > /etc/pam.d/system-auth
    #%PAM-1.0
    # This file is auto-generated.
    # User changes will be destroyed the next time authconfig is run.
    auth required /lib/security/\$ISA/pam_env.so
    auth sufficient /lib/security/\$ISA/pam_unix.so likeauth nullok
    auth sufficient /lib/security/\$ISA/pam_krb5.so use_first_pass
    auth required /lib/security/\$ISA/pam_deny.so
    account required /lib/security/\$ISA/pam_unix.so broken_shadow
    account sufficient /lib/security/\$ISA/pam_succeed_if.so uid < 100 quiet
    account [default=bad success=ok user_unknown=ignore] /lib/security/\$ISA/pam_krb5.so
    account required /lib/security/\$ISA/pam_permit.so
    password requisite /lib/security/\$ISA/pam_cracklib.so retry=3
    password sufficient /lib/security/\$ISA/pam_unix.so nullok use_authtok md5 shadow
    password sufficient /lib/security/\$ISA/pam_krb5.so use_authtok
    password required /lib/security/\$ISA/pam_deny.so
    session required /lib/security/\$ISA/pam_limits.so
    session required /lib/security/\$ISA/pam_unix.so
    session optional /lib/security/\$ISA/pam_krb5.so debug
    EOF
    cat << EOF >> /etc/fstab
    # user dirs per nfs
    od1.oew.de:/Users /Network/Servers/od1.oew.de/Users nfs rw,hard,intr 0 0
    filesrv1.oew.de:/Volumes/xraid1/shares/Users /Network/Servers/filesrv1.oew.de/Volumes/xraid1/shares/Users nfs rw,hard,intr 0 0
    EOF
    mkdir -p /Network/Servers/od1.oew.de/Users
    mkdir -p /Network/Servers/filesrv1.oew.de/Volumes/xraid1/shares/Users
    mount -a
    chkconfig netfs on

  • Cannot join Server 2012 machine to domain

    I am trying to join a clean  Server 2012 machine configured with Active Directory Domain Services and DNS features enabled to a domain (alekatest.com) which I have purchased. The Active Directory Domain Services option in Server Manager advises me that
    the server requires promotion to a Domain Controller, but if I select "Add a domain controller to an existing domain" and enter "alekatest.com", and supply Domain Admin  credentials I get a message "Encountered an error contacting
    domain alekatest.com. The server is not operational". The DNS server has address 10.0.0.2.
    When I try and change from workgroup to new domain alekatest.com, it fails with the message "No records found for given DNS query. The query was for the SRV record for _ldap._tcp.dc._msdcs.alekatest.com". The server is connected by Ethernet to
    a wireless router in a home network.
    The ipconfig/all data from the server is:
    Windows IP Configuration
       Host Name . . . . . . . . . . . . : SERVER2012
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Broadcast
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
    Ethernet adapter Ethernet:
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Intel(R) 82567LM-3 Gigabit Network Connecti
       Physical Address. . . . . . . . . : 00-26-B9-82-D5-76
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 10.0.0.138
       DNS Servers . . . . . . . . . . . : 10.0.0.2
       NetBIOS over Tcpip. . . . . . . . : Enabled
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:386b:2023:f5ff:fffd(Prefer
       Link-local IPv6 Address . . . . . : fe80::386b:2023:f5ff:fffd%14(Preferred)
       Default Gateway . . . . . . . . . : ::
       DHCPv6 IAID . . . . . . . . . . . : 335544320
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-FC-79-E8-00-26-B9-82-D5-76
       NetBIOS over Tcpip. . . . . . . . : Disabled
    Tunnel adapter isatap.{6945E26E-B530-4271-8CF1-AD4BC13AF147}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter Reusable ISATAP Interface {74B5ED96-D12C-413B-9ED4-5B6270328AE0}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter Reusable ISATAP Interface {A9E91CEE-5350-4ACA-934D-D2AA5188B694}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    I can ping alekatest.com from the server:
    Pinging alekatest.com [203.170.87.12] with 32 bytes of data:
    Reply from 203.170.87.12: bytes=32 time=86ms TTL=50
    Reply from 203.170.87.12: bytes=32 time=109ms TTL=50
    Reply from 203.170.87.12: bytes=32 time=106ms TTL=50
    Reply from 203.170.87.12: bytes=32 time=81ms TTL=50
    and  nslookup alekatest.com returns
    Server:  UnKnown
    Address:  10.0.0.2
    Non-authoritative answer:
    Name:    alekatest.com
    Address:  203.170.87.12
    if I try to return srv records from alekatest.com as follows, no records are returned
    PS C:\Users\Administrator> nslookup
    Default Server:  UnKnown
    Address:  10.0.0.2
    > set q=srv
    > _ldap._tcp.dc._msdcs.alekatest.com
    Server:  UnKnown
    Address:  10.0.0.2
    _ldap._tcp.dc._msdcs.alekatest.com
            primary name server = ns1.crazydomains.com
            responsible mail addr = dns.crazydomains.com
            serial  = 2010010101
            refresh = 7200 (2 hours)
            retry   = 120 (2 mins)
            expire  = 1209600 (14 days)
            default TTL = 3600 (1 hour)
    In order to add an srv record I would appear to need to access the server ns1.crazydomains.com, which I doubt is possible.
    Any help would be much appreciated

    You're confusing DNS Domains and Active Directory Domains. While there are similarities the two are and do completely different things.
    A DNS domain, in your case alekatest.com hosted by crazydomains.com is used to direct people to resources, for instance on the internet, to get to things like your website, email etc. It's not specific to Windows, and generally speaking after purchasing
    it from a 3rd party you control what the DNS records are through that 3rd party.
    An Active Directory domain is what you're referring to when you talk about joining a machine to a domain, setting up users on a domain, controlling access to resources on your network etc. This doesn't require you to purchase a domain from a 3rd party, and
    could potentially be called anything you like.
    So, in terms of your AD server, assuming you don't already have an AD domain configured on another AD controller on the network, when you do the setup you'll need to select the option to create a new domain. You could then set it to use alekatest.com, but
    that isn't recommended as you can get into all kinds of issues with your local and public DNS records conflicting, so unless you know what you're doing and why you're doing it I'd suggest avoiding that. A better idea would be to set the AD domain to something
    like alekatest.local. That would then become the local domain, so for instance your users would login as alekatest\<username> on the domain, and your local machines can then be joined to that domain.
    Once all that is done, if you did need to have local records for alekatest.com pointing to local resources, there's nothing stopping you from adding that zone into DNS Manager on the AD server and configuring the records accordingly, however be aware that
    once you did that your server would assume that it has all the records for the domain. So if you had a website configured on
    www.alekatest.com and had the DNS records for that pointing to your website hosted somewhere else via your domain provider, if you didn't re-create that same record on your local copy of the domain then you'll be unable
    to reach that website from your local network (since your users will be trying to find it locally rather than on the internet).
    Hope that makes sense.

  • ACS 3.3.4 with Linux client

    I've got some problems with a Linux wireless network connection. NetworkManager is installed on the Linux laptop. PEAP profile is created.
    When the default Character String in ACS points to "Self" or his own IP address, the Linux client can authenticate and successfully log in to the wireless network.
    When the default "Character String" is set to an extended RADIUS server, the client cannot login anymore. I created a new "Character String" that contains the @domain.local suffix. It is not working. Same problem for a Nokia (Symbian) cellphone.
    What can it be ?

    ACS 3.0(4) is only supported on Windows 2000/NT and not 2003

  • EBS forms not opening in Linux client machine

    Hi all,
    In our network some client machines are Linux (Red Hat 4), and when we access EBS (11.5.10) through the browser (Mozilla Firefox), it works until clicking the icon for forms.
    There is no Java applet opening. What should we do to invoke Oracle Apps forms?
    regards
    ravi

    There is no jinit for Linux. You need to configure the Linux instance to open the 1.5.0 sun java plugin that you have installed on your Linux client machine.
    The resolution is in the link provided by hsawwan:
    Go to $APPL_TOP/admin, and in sid_host.xml ($CONTEXT_FILE),
    replace
    <sun_plugin_ver oa_var="s_sun_plugin_ver">1.4.2_04</sun_plugin_ver>
    with
    <sun_plugin_ver oa_var="s_sun_plugin_ver">1.5.0_13</sun_plugin_ver>
    Then run autoconfig.
    Or cd to $OA_HTML/bin and edit appsweb_sid_host.cfg:
    Search for the lines:
    ; 4a) Sun JDK Plugin Parameters
    ; These parameters define the Sun's java plug-in to be used
    sun_plugin_mimetype=application/x-java-applet;jpi-version=1.4.2_04
    sun_plugin_classid=clsid:CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA
    sun_plugin_url=http://host.domain:port/OA_HTML/oajinit.exe
    sun_plugin_version=1.4.2_04
    sun_plugin_legacy_lifecycle=false
    change the 1.4.2_04 entries to 1.5.0_13
    sun_plugin_mimetype=application/x-java-applet;jpi-version=1.5.0_13
    sun_plugin_classid=clsid:CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA
    sun_plugin_url=http://host.domain:port/OA_HTML/oajinit.exe
    sun_plugin_version=1.5.0_13
    And bounce apache and forms server.
    This way, Windows users still open with Jinitiator. This change has no effect for Windows users.

  • How Do I Join a Workstation to a Domain

    I'm trying to join a workstation to my domain (Server 2012 R2 Foundation).  I've set the workstation up with a static internal IP address (192.168.1.2), and can both ping the server from the workstation and the workstation from the server.  When
    I go into system properties and change the workstation from a workgroup to the domain (Averihire.local), I get an error message saying that "An Active Directory Domain Controller (AD DC) for the domain "Averihire.local" could not be contacted".
    I'm very new to servers, so I suspect there's something else that needs to be done on the workstation and/or the server, but I haven't a clue to what it would be.
    I'd very much appreciate it if someone could explain what steps must be taken in order to join the workstation to the domain.
    Capt. Dinosaur

    What DNS address did you assign to the workstation?  It should be the IP address of your domain controller.  If that's not the problem, please post the output from ipconfig /all from both the workstation and the domain controller.  That
    error is almost always a network configuration issue.
    tim

    I'm afraid I'm terribly confused here.  When I posted my question above, I had set up the workstation's static IP Address to the same as the automatic one (i.e. 192.168.1.2).  That gave me the error I cited above.  After reading your
    post, I changed it to the IP Address of the server (i.e. 192.168.1.8), and when I saved it I got an error saying that there are two computers on the network with the same IP Address, and, of course, when I then tried to add it to the domain, I got
    the same error as above.  Also, each time I try to set the workstation's IP Address to the 192.168.1.2, within a minute or two, the workstation loses its internet connection.  Here's the ipconfig /all for the server:
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : AVDC1
    Primary Dns Suffix . . . . . . . : Averihire.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : Averihire.local
    Ethernet adapter Ethernet:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
    Physical Address. . . . . . . . . : D4-AE-52-D5-3C-03
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::51ca:6bd:aa5c:b3e7%12(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 315928146
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-C1-57-A0-D4-AE-52-D5-3C-03
    DNS Servers . . . . . . . . . . . : ::1
    127.0.0.1
    NetBIOS over Tcpip. . . . . . . . : Enabled
    Tunnel adapter isatap.{CC3EB832-8869-48E5-B39C-0CDB5BB27590}:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Here's the DNS from the Workstation, but with dynamic DNS.  Every time I try to set up a static IP there it loses its internet connection:
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : Averi02
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
    Physical Address. . . . . . . . . : 00-1A-A0-2D-F4-0D
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::297d:9587:544d:de1d%10(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Monday, December 01, 2014 6:10:57 PM
    Lease Expires . . . . . . . . . . : Tuesday, December 02, 2014 6:10:57 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 234887840
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-5C-59-07-00-1A-A0-2D-F4-0D
    DNS Servers . . . . . . . . . . . : 66.119.96.9
    70.158.128.9
    192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled
    Tunnel adapter isatap.{CC18CC2F-EC81-44AB-B600-E8916A02420C}:
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter Local Area Connection* 11:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:30f1:403:3f57:fefd(Preferred)
    Link-local IPv6 Address . . . . . : fe80::30f1:403:3f57:fefd%12(Preferred)
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled
    I hope this helps.  I guess I need to know exactly what settings I need to put in the workstation's DNS.
    Capt. Dinosaur
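
The check tim's reply asks for, as an added example (not code from the thread): parse `ipconfig /all` text and list, per adapter, the DNS servers that are not the domain controller. A domain join locates the DC through DNS SRV records in the AD zone, which ISP or router resolvers cannot answer for a private zone such as Averihire.local. The function names are hypothetical; the sample is trimmed from the workstation output above and the DC address is AVDC1's from the server output.

```python
import ipaddress
import re

# Trimmed from the workstation's `ipconfig /all` output quoted in the thread.
WORKSTATION = """\
Windows IP Configuration
Host Name . . . . . . . . . . . . : Averi02
Ethernet adapter Local Area Connection:
DHCP Enabled. . . . . . . . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
DNS Servers . . . . . . . . . . . : 66.119.96.9
70.158.128.9
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{CC18CC2F-EC81-44AB-B600-E8916A02420C}:
Media State . . . . . . . . . . . : Media disconnected
"""
DC_IPS = ["192.168.1.8"]  # AVDC1's IPv4 address from the server output

# "Key . . . . : value"; adapter headers end in ":" with no dot padding.
FIELD = re.compile(r"^(.*?)[ .]+:(?: (.*))?$")


def dns_servers_by_adapter(text):
    """Return {adapter header: [DNS server IPs]} from `ipconfig /all` text."""
    adapters, current, last_key = {}, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        match = FIELD.match(line)
        if match:
            last_key, value = match.group(1), match.group(2)
        elif line.endswith(":"):
            current, last_key = line[:-1], None  # new adapter section
            adapters[current] = []
            continue
        else:
            value = line  # wrapped value, e.g. the 2nd and 3rd DNS server
        if last_key == "DNS Servers" and current and value:
            try:
                addr = ipaddress.ip_address(value.split("%")[0])
            except ValueError:
                continue
            adapters[current].append(str(addr))
    return adapters


def non_dc_resolvers(text, dc_ips):
    """Per adapter with DNS configured, list resolvers that are not a DC."""
    dcs = {str(ipaddress.ip_address(ip)) for ip in dc_ips}
    return {name: [s for s in servers if s not in dcs]
            for name, servers in dns_servers_by_adapter(text).items() if servers}


if __name__ == "__main__":
    print(non_dc_resolvers(WORKSTATION, DC_IPS))
```

An empty list for an adapter means every resolver on it is a domain controller; here all three of the workstation's resolvers are reported.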

  • SCCM 2012 Linux Client Installation Error

    Hi guys,
    I had an error when I tried to install the SCCM 2012 R2 Linux Client on various RedHat Servers.
    This is the error on my Linux Servers:
    Checking Prerequisites...
    Running preinstall validator
    /tmp/cmetc/bin_100/preinstallvalidator: error while loading shared libraries: libssl.so.1.0.0: cannot open
    shared object file: No such file or directory
    Pre-Install validator failed. Please check the version of OpenSSL with CM installation requirements.
    I've seen this is a known error, and probably it could be solved by creating symlinks on the RedHat systems.
    I'm not a Linux expert. How do I create the symlink? What is the exact command?
    Regards,
    Rodrigo

    Excellent Kamil !
    I executed the following commands, and it worked fine:
    ln -s /usr/lib64/libssl.so.1.0.1e /usr/lib64/libssl.so.1.0.0
    ls /usr/lib64/ | grep libssl
    ln -s /usr/lib64/libcrypto.so.1.0.1e /usr/lib64/libcrypto.so.1.0.0
    ls /usr/lib64/ | grep libcrypto
    ./install -mp srv.domain.cl -sitecode NNN ccm-Universalx64.1.0.0.4580.tar
    Thanks a lot.
    Regards,
    Rodrigo

  • Linux Clients - HTTPS

    Hi,
    I have an SCCM site which is fully secured with HTTPS.  I now have a requirement to add Linux devices.  I've looked at doing it with HTTPS but I would need to create a device certificate for every Linux device we have by hand, as there is no auto-enrollment
    available.
    I want to stick with HTTPS so what are my best options?  Is it possible to deploy another MP which is not secured with HTTPS just for Linux clients or are there better options?
    Thanks

    That's right. It seems a bit extreme though for that small number of devices. Have you considered using NDES/SCEP to automate the Linux certificate install?
    SCEP was developed to support the secure, scalable issuance of certificates to network devices by using existing certification authorities (CAs). Linux is just another device.
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/68a4e624-8322-43ce-87ac-b7e8fe04a7c8/non-windows-non-domain-computer-certificate-request-to-a-enterprise-ca?forum=winserversecurity
    http://technet.microsoft.com/en-us/library/cc755273.aspx
    http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx
    Gerry Hampson | Blog: www.gerryhampsoncm.blogspot.ie | LinkedIn: Gerry Hampson | Twitter: @gerryhampson

  • Home directories for Linux clients?

    Hello,
    I want to setup OS X Server to serve as an authentication server for Mac-, Windows- and Linux-clients. I have the services DHCP, DNS, OpenDirectory (as Open Directory Master) and Windows (as PDC) running.
    So far there is no problem to login on the three different platforms via LDAP. In WGM I set the home directory for Mac-clients and activated the virtual homes feature for windows. On both clients I get the network home functional but on the linux client the home does not appear.
    How do I configure the server to realize that? I thought that the linux clients would use the samba share that the windows clients use.
    iMac G5 (iSight) 20"   Mac OS X (10.4.6)  

    When you log in to the linux machine, do you get an error that states that the home directory for the user cannot be found? That error message should give you the path that is set in the LDAP directory as the home directory for that user. This directory needs to be added to the Linux filesystem, and then the Users folder on the OS X Server needs to be NFS mounted (rw) on the Linux machine.
    For ease of transition, I softlink /home to this directory on the Linux machines.
