AD Integration Prob...
 
Notifications
Clear all

AD Integration Problems

10 Posts
3 Users
0 Reactions
2,249 Views
Posts: 15
Topic starter
(@mp-souza)
Active Member
Joined: 9 years ago

I have two problems to integrate with AD:
1) In my website I have set up in AD Integration a Custom OU for users and group but the users for new websites are created by default in the AD Users OU.

2) In the DNS service I checked to Create Zones in Active Directory. But the zones are created as Primary Zone.

Tks,

Marcel Souza
Pds Informática

9 Replies
1 Reply
(@pythonit)
Joined: 9 years ago

Active Member
Posts: 11

Just a new adopter to SolidCP,

But ill try as i had similar issue, 🙂
>Did you create a new root OU in AD
>Then assign the OU in Hosted Organizations?
SolidCP > Servers > Hosted Organizations

Regards
Dean

Reply
Posts: 1995
Admin
(@m-tiggelaar)
Noble Member
Joined: 9 years ago

Hello,

In addition to what pythonIT mentions:

Double check the server "Active Directory settings" in the configuration --> servers --> [servername] page
make sure root domain is set, security to none.

The IIS application pool SolidCP Server user needs to have a minimum of Domain Admin membership assigned (if any changes are made to the user permissions make sure to do a iisreset).

A note on AD DC DNS:

DC DNS it's highly unrecommended to make them publicly facing DNS servers.

The main reason for this is: Recursive queries need to be disabled, together with all root hints deleted to be a safe DNS server that doesn't get abused to attack others or your self.

This in return means that dns forwarders do not work. so any domain name that's not in your own AD DC DNS won't be able to resolve. yet generally you configure all domain joined servers with the AD DC DNS's. making them unable to connect to google for example.

Regards,

Marco

Reply
Posts: 15
Topic starter
(@mp-souza)
Active Member
Joined: 9 years ago

Hello...

The problem is in Active Directory Account Settings.
I checked to create local accounts.

Now I changed the settings:
Create Active Directory Accounts
Authentication Type: Secure
Root domain: mydomain.com
User: mydomainAdministrator
Password: AdministratorPassword

But now when I change the website service, I get this error:

Page URL:
http://cp.pdshosting.com.br/Default.aspx?pid=Servers&mid=223&ctl=edit_service&ServiceID=8&ServerID=3

Logged User:
serveradmin

Work on Behalf:
serveradmin

Hosting Space:
0

Stack Trace:
System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.DirectoryServices.DirectoryServicesCOMException: A referral was returned from the server.

at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at System.DirectoryServices.DirectorySearcher.FindOne()
at SolidCP.Providers.Utils.SecurityUtils.GetUserObject(DirectoryEntry objRoot, String userName, RemoteServerSettings serverSettings)
at SolidCP.Providers.Utils.SecurityUtils.GetAccountSid(String accountName, RemoteServerSettings serverSettings, String usersOU, String groupsOU)
at SolidCP.Providers.Web.IIs70.SetupWebDeployPublishingOnServer(List`1 messages)
at SolidCP.Providers.Web.IIs70.Install()
at SolidCP.Providers.Web.IIs80.Install()
at SolidCP.Server.ServiceProvider.Install()
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at SolidCP.Providers.ServiceProvider.Install()
at SolidCP.EnterpriseServer.esServers.InstallService(Int32 serviceId)
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at SolidCP.EnterpriseServer.esServers.InstallService(Int32 serviceId)
at SolidCP.Portal.ServersEditService.btnUpdate_Click(Object sender, EventArgs e)

Reply
1 Reply
Admin
(@m-tiggelaar)
Joined: 9 years ago

Noble Member
Posts: 1995

System.DirectoryServices.DirectoryServicesCOMException: A referral was returned from the server.

generally means the path isn't correct.
But keep it more simple: clear the username, the password, and set the auth to none.

Then make sure the SolidCP Server application pool user is an domain user, with a minimum of domain admins member off group.

this will avoid any mistakes in the AD Settings configuration.

Reply
Posts: 15
Topic starter
(@mp-souza)
Active Member
Joined: 9 years ago

When I cleaned the user and password not worked, but I found the problem.
The root domain is mydomain.com.br and I put the username mydomainAdministrator.
When I changed to mydomain.com.brAdministrator worked.

The Hosted Organizations and Web Sites services are worked. But the DNS service continue to create the zones as primary instead of Integrated with AD.

 

tanks for your Support,

 

Marcel

Reply
Posts: 15
Topic starter
(@mp-souza)
Active Member
Joined: 9 years ago

The solidCP server user are in then domain administrators group>

Reply
Page 1 / 2
Share: