|
Title: Join AD Fails Post by: qwaven on Friday 28 January 2011, 09:55:24 am Hello all,
I've just got Endian working and varified that the proxy/content filter does work. I've now tried to join the system to my Microsoft Active Directory domain using the "adjoin" button. I get a big red box saying "failed to join domain" . Would anyone be able to assist with figuring out why this is failing? I've already tried various accounts which are domain admins. Thanks! Title: Re: Join AD Fails Post by: davvidde on Tuesday 01 February 2011, 07:03:33 am Read THIS please and you get goal yourself:
http://kb.endian.com/entry/49/ Davide Title: Re: Join AD Fails Post by: qwaven on Tuesday 01 February 2011, 07:33:00 am Hi,
Thanks for your response. I've actually recently got the AD Join feature to work however authentication fails. When trying to browse to a site I am prompted to username and password which does not get excepted. Any thoughts? Title: Re: Join AD Fails Post by: davvidde on Tuesday 08 February 2011, 09:16:14 am if AD join works but authentication don't work try this from a ssh console:
squidclient -l 192.168.x.x -p 8080 -u YOURUSER -w YOURPASSWORD http://www.google.com where -l is the firewall ip from green if you want to test from green, orange and so on.. -p the port where squid is listening to -u the user you want to test -w the user password If doesn't work (it gives you an error), look permissions of: /var/cache/samba/winbindd_privileged if you get permissions like this drwxr-x--- 2 root root 4096 feb 04 13:18 winbindd_privileged then this is the error because it should be owned by root:squid To correct: chown -R root:squid /var/cache/samba/winbindd_privileged chmod -R 750 /var/cache/samba/winbindd_privileged restartsquid --force Title: Re: Join AD Fails Post by: qwaven on Tuesday 08 February 2011, 09:40:04 am Thanks for the help. I tried the command and I get what appears to be HTML code. I believe this means its working? However when trying from a computer I still am prompted for username and password. Any thoughts? I am using one cable for the proxy right now. Does this matter? (with auth off I can browse the net fine) Thanks! Title: Re: Join AD Fails Post by: davvidde on Wednesday 09 February 2011, 12:47:48 am Post more details of your HTTP proxy configuration. Use print screen. Have you looked at file permissions of /var/cache/samba/winbindd_privileged ?
Title: Re: Join AD Fails Post by: qwaven on Wednesday 09 February 2011, 02:59:36 am Hello again,
Thanks for the info. Just tried the permissions and I "think" authentication is working now. I can browse sites without being prompted for a password. However I don't think the block lists are working. I have most of them enabled or RED and I can still browse to youtube...etc. although if I put in a custom blocked page "facebook.com" this works. Any ideas? Is it possible to view block lists? Or are these updated? Thanks! Title: Re: Join AD Fails Post by: davvidde on Thursday 10 February 2011, 09:39:43 am You need a more searching work on this forum because your questions are already posted.
However there isn't a front-end to modify the predefined block lists. You can view it with a normal text editor in /etc/dansguardian/blacklists/<CATEGORIES>/domain ; There is also a script here http://www.efwsupport.com/index.php?topic=2147.0 that help you to retrieve blacklist from an on line service. Hope this help you. Title: Re: Join AD Fails Post by: qwaven on Friday 11 February 2011, 01:14:56 am Thanks for all your help. I think I've figured things out now. Still need to do some tweaking I'm sure but otherwise all seems good. Cheers! :) |