PacketFence安装问题

PacketFence安装问题

一、mschap: Program returned code (1) and output 'Reading winbind reply failed! (0xc0000001)'
原因：winbind 服务没有开机未启动
解决办法：手动重启winbind 服务
运行systemctl enable smb、systemctl enable winbind这两个命令把smb和winbind设置成开机自启并重启smb和winbind服务，然后运行命令net join -U Administrator（管理员用户名）加入AD域并重启服务器。
可以使用wbinfo -a （用户名）测试

二、mschap: Program returned code (1) and output 'The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc000006d)'
原因：/etc/samba/smb.conf 中security = user
解决办法：修改smb.conf配置文件，修改后文件如下。然后重启smb、winbind这俩个服务。修改dns文件vi /etc/resolv.conf 将下一行内容写入文件中并重启网卡
search pftest.com nameserver ADIP

[global]
	workgroup = PFTEST
	security = ads
    realm = PFTEST.COM
	passdb backend = tdbsam
    password server = 192.168.1.127 
	printing = cups
	printcap name = cups
	load printers = yes
	cups options = raw
[homes]
	comment = Home Directories
	valid users = %S, %D%w%S
	browseable = No
	read only = No
	inherit acls = Yes
[printers]
	comment = All Printers
	path = /var/tmp
	printable = Yes
	create mask = 0600
	browseable = No
[print$]
	comment = Printer Drivers
	path = /var/lib/samba/drivers
	write list = @printadmin root
	force group = @printadmin
	create mask = 0664
	directory mask = 0775

三、
mschap: Program returned code (1) and output ‘No logon servers are currently available to service the logon request. (0xc000005e)’
原因：未知
解决办法：重新加入AD域 命令如下
net join -U Administrator（管理员用户名）
可以使用wbinfo -a 用户名）测试

四、
PF服务器验证已经通过但是PC依然认证失败
原因：可能configuration–switches–交换机–roles–Role by VLAN ID
解决办法：使用默认配置
可能解决用一个已经可以认证PF服务器认证这个PC