Likewise AD Domain Join Breaks Every 7 Days
I have been using Likewise Open for awhile to perform user authentication against Active Directory on my Linux servers. For the most part it works great, and is dead simple to set up.
Recently I have been building out a SLES 11 environment and ran into some troubles with authentication with Likewise. I could join servers to the domain and everything would work great. Then some time later I would go to log in to the server only to get an "access denied" error. Upon logging in as root on the console and running "domainjoin-cli query", I would get this output:
someserver:~ # domainjoin-cli query Error: Lsass Error [code 0x00080047] 40022 (0x9C56) LW_ERROR_PASSWORD_MISMATCH - The password is incorrect for the given username
When searching for "LW_ERROR_PASSWORD_MISMATCH", there are hardly any results. Most of the results I did get were just links to source code where that string was used as a constant.
After quite a bit of log hunting and deduction, I was finally able to figure it out and correct the error. Read on for the solution.
Windows XP/Vista/7 iSCSI Boot
UPDATE: A lot of people are hitting this searching for Windows 7 iSCSI boot info. It's EASY! Jump to the bottom for some links that should get you going. The bulk of this article is about Windows XP iSCSI booting, which is also easy, but more involved than Windows 7.
It has been awhile now since I have lost my animosity toward people who destroy computers that I administer. Mostly because I get paid money to spend half my time at work un-breaking and tidying *NIX servers. It also means that I have a particular attraction to anything that helps me clean up the users' mess more quickly.
Enter: My home media PC.
This is a computer attached to the TV in my living room. Everyone who uses it is 90% likely to be intoxicated and know nothing about computers. When we get back from the bar or just party at home this thing ends up being used to troll YouTube and email until the wee hours of the morning. It's 3:30am and your drunk friend checks his email and gets a link to download sweetvideo.exe. "Sounds GREAT!"
So I got sick of constantly rebuilding the computer. Linux storage server + LVM snapshots + gPXE + iSCSI boot-from-san Windows solution after the jump.