Ubuntu Desktop add to AD Windows Server 2019 problem

#368 (In Topic #76)
Standard member

VLAN and Active Directory

I am actually a noob when it comes to Ubuntu, let alone Linux….
The network infrastructure demands that devices need to be separated by VLAN. All of them are done without any issues so far. Everything works as intended except for this one.

The Windows server serves as both the domain controller and DHCP for almost the entirety of the network. Connecting clients with Windows 10 works fine in any of the VLANs within the network; both the DHCP and Active Directory (login) work just fine. However, when it comes to Ubuntu, only the ones connected in the same VLAN (subnet) as the said server work; once it goes to a different VLAN, regardless of when the configuration is done, it can't seem to find any users, but manages to get an IP from the DHCP and even find the kinit and even add itself to the Windows Server Active Directory Computer. I followed the tutorial here: https://nerdonthestreet.com/wiki?find=Authenticate+Ubuntu+19.04+against+Active+Directory and it seems to work perfectly when both my Ubuntu client and Windows server are on the same VLAN (subnet) and, as I mentioned earlier, when it goes to a different VLAN or if it was created on a different VLAN, it can't seem to find any users (but DHCP, and even the adding of the computer to the AD, has no issues).

It is imperative that the clients belong to its own VLAN, but using Windows is not feasible. Please advise.
Thank you so much!

Regards,
Aseroth

PS: When I try to transfer the said instance/unit to the same VLAN as the server, it works just fine. I tried creating a VLAN for the interface (NIC Teaming) of the Windows Server and creating subnets in Sites and Services, but to no avail. Windows clients work just fine on the ports/VLANs where Ubuntu fails to work. Again, hoping to hear from you guys! Thank you!

PPS: I think I managed to see the users now by changing the address of the one in the /etc/hosts of the Server to the one that I created in the NIC Teaming which belongs to the same subnet, and was able to "login" to the accounts on the users of the AD, however with that, I am now stuck in a login loop. Logging in even at the local account returns me back to the login screen. Thanks again.

Last edit: by Aseroth


#369
NOTS Staff

Aseroth said

it seems to work perfectly when both my Ubuntu client and Windows server are on the same VLAN (subnet) and, as I mentioned earlier, when it goes to a different VLAN or if it was created on a different VLAN, it can't seem to find any users (but DHCP, and even the adding of the computer to the AD, has no issues).

This sounds like a networking problem. Have you had your networking team take packet captures to see what's going on yet? It sounds like your router isn't set up to route between the different VLANs the way you need it to.

Aseroth said

Logging in even at the local account returns me back to the login screen.

First, try logging in at a full-screen terminal (Ctrl-Alt-F5) to see if you've broken authentication altogether (which is possible to do when working with PAM.) If you're able to log into the terminal but not a GUI, then the issue is some GUI configuration unrelated to the authentication. For the latter, System76 has a good support article on dealing with that: https://support.system76.com/articles/login-loop/
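Added example (not part of the original thread and not written by either poster): before asking for packet captures, a quick way to see from the Ubuntu client which address the domain controller's name resolves to and which standard AD TCP ports answer on each address. The host name `dc01.example.test` is a placeholder, and the function names are this example's own.

```python
"""Check which AD service ports on a domain controller answer from this client."""
import socket

# Standard TCP ports for the AD services a domain controller exposes.
AD_TCP_PORTS = {
    "dns": 53, "kerberos": 88, "ldap": 389, "smb": 445,
    "kpasswd": 464, "ldaps": 636, "global-catalog": 3268,
}

def resolve_all(host):
    """Return every IPv4 address the name resolves to (/etc/hosts or DNS)."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def tcp_open(addr, port, timeout=2.0):
    """True if a TCP handshake to addr:port completes within the timeout."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, or silently filtered (timeout)
        return False

def probe(host, ports=AD_TCP_PORTS, timeout=2.0):
    """Map each resolved address to the service names that did not answer."""
    return {
        addr: [name for name, port in ports.items()
               if not tcp_open(addr, port, timeout)]
        for addr in resolve_all(host)
    }

def report(host, ports=AD_TCP_PORTS, timeout=2.0):
    """One line per resolved address; failures point at routing or filtering."""
    lines = []
    for addr, failed in probe(host, ports, timeout).items():
        status = "all reachable" if not failed else "BLOCKED: " + ", ".join(failed)
        lines.append(f"{host} -> {addr}: {status}")
    return lines

if __name__ == "__main__":
    import sys
    # Placeholder name; pass your own domain controller as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "dc01.example.test"
    try:
        print("\n".join(report(target)))
    except socket.gaierror as exc:
        print(f"{target}: name does not resolve from this VLAN ({exc})")
```

Run it once from a client in the server's VLAN and once from the failing VLAN. A different resolved address or a different set of blocked ports between the two runs points at inter-VLAN routing, filtering, or name resolution rather than the Ubuntu authentication setup.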