Join remote domain fails / General Questions / NetSetMan Support

NetSetMan Support

Search for already answered questions about NetSetMan (Pro) or ask new ones

You are not logged in.

Pages: 1

#1 2015-09-17 21:44

rowdy
Member
Registered: 2015-09-17
Posts: 3

Join remote domain fails

Hello,

In our case we often need to switch computers between our domain and a workgroup. NetSetMan works great for this feature. BUT if we are at a remote location, I am unable to rejoin the domain.

I can setup a VPN connection to our domain using rasphone vpn connection. Not normal pptp for our authentication is done using RSA. When the vpn is up I can ping all systems on the office lan but are unable to join the domain:

[0:10] Adapter - Refresh: OK
[0:10] Adapter Status: Start
           Activate
[0:10] Adapter Status: OK
[0:10] Computer Name: Start
           BLOBVIS
[0:10] Computer Name: Error 1
Successful completion, reboot required.
[0:10] Domain: Start
           td@test.local
[0:10] PowerShell 2.0 found
[0:13] PS Error: Add-Computer : This command cannot be executed on target computer('BLOBVIS') due to following error: The specified domain either does not exist or could not be contacted.At line:1 char:13
[0:13] Domain: Error

[0:13] Finish (22:17:07)

When I do a IPconfig I notice that, the vpn connection is lost. It seems netsetman disconnects the vpn.
I also checked this site and set the advanced dns settings:
http://blog.lan-tech.ca/2012/07/25/how- … ing-a-vpn/

Is there a way to overcome this issue?

Thanks for any assistance in advance.

rowdy

Offline

#2 2015-09-17 22:26

NetSetMan Support
Administrator
Registered: 2005-08-06
Posts: 1,878

Re: Join remote domain fails

If I understand your situation correctly then the whole problem only exists because the VPN connection is disconnected during a profile activation.
Looking at your activation log I notice that you're changing the IP of your NIC because of the line "[0:10] Adapter - Refresh: OK". The adapter is reinitialized after all IP changes. During this reinitialization all connections are of course lost.

Would this explain the problem?

If yes, then your solution might be to either not change the IP settings in that profile (in case you don't really need to) or establish the VPN connection as part of the profile activation. For this I'd recommend to devide the profile in two subprofiles. In the first you configure everything (incl. establishing the VPN connection) but the domain, in the second you configure the domain only. That way you have control over the activation order and the domain connection is established after all the other changes have already been finished.
subprofiles.png
Further details: www.netsetman.com/en/help?hf=en#hf_profiles

Offline

#3 2015-09-18 10:48

rowdy
Member
Registered: 2015-09-17
Posts: 3

Re: Join remote domain fails

Hello Ilya,

Thanks for the swift reply.

I think I understand your line of thinking, however.. when I select "connection"and hit + to add a connection I can select VPN connections. That is great if you have a pptp connection. But, we have to use a rasphone connection, due RSA authentication. Unlike OSX Windows fails to support RSA out of the box. There is no way to select a ras phone connection.

You can see what I mean if you enter rasphone in a dosbox and hit enter.

Offline

#4 2015-09-18 11:05

NetSetMan Support
Administrator
Registered: 2005-08-06
Posts: 1,878

Re: Join remote domain fails

Well, in that case you could add a script at the end of the profile activation ("After" tab) with the simple line "rasphone" and optionally check to wait for the completion of the script. That way the rasphone dialog is shown directly after all other settings have been applied in your profile, so you only have to select the connection and click OK. Rasphone offers a couple of paramters that you might want to use as well to select the correct connection (https://support.microsoft.com/kb/125393/).
Does that work for you?

Offline

#5 2015-09-18 11:08

rowdy
Member
Registered: 2015-09-17
Posts: 3

Re: Join remote domain fails

I tried the scenario. Created and tested a pptp witch SecuresID authentication. That works.
Next I created the spit setup and get the following log:

[0:01] Waiting for network...
[0:06] Adapter - Refresh: OK
[0:06] Computer Name: Start
           BLOBVIS
[0:08] Computer Name: Error 1
Successful completion, reboot required.
[0:08] Connection: Start
           Connect: CompanyVPN
[0:08] Connect: CompanyVPN
           Remote Access error 703 - The connection needs information from you, but the application does not allow user interaction.
[0:08] Connection: Error

[0:08] Start: Local Area Connection
[0:08] Adapter found
[0:08] Computer Name: Start
           BLOBVIS
[0:08] Computer Name: Error 1
Successful completion, reboot required.
[0:08] Domain: Start
           td@ourcompany.local
[0:08] PowerShell 2.0 found
[0:11] PS Error: Add-Computer : This command cannot be executed on target computer('BLOBVIS') due to following error: The specified domain either does not exist or could not be contacted.At line:1 char:13
[0:11] Domain: Error

[0:11] Finish (12:01:21)

The problem with RSA authentication is that a user needs to enter a pin and rolling key code. It seems a user prompt is not allowed, doe you know a work around?

Last edited by rowdy (2015-09-18 11:09)

Offline

#6 2015-09-18 12:18

NetSetMan Support
Administrator
Registered: 2005-08-06
Posts: 1,878

Re: Join remote domain fails

I don't quite understand what you tried to do here. It seems like you've tried my first recommendation here, instead of the script method. In your log I don't see a script execution. Also by using the script to launch the rasphone dialog you don't need to split up the profile.

Offline

Pages: 1