Active Directory/CIFS problem upgrading from 9.2.1.5 > 9.2.1.6

[Ed Hornsey]

Upgraded a fully working system this morning and now have a problem whereby there are no CIFS shares presented.

I initially did an upgrade (with various jails and sysctls) disabled those, and latterly a complete new image of 9.2.1.6. Both vectors result in identical error messages being logged at 1s intervals

Code:

Jul  4 20:07:13 freenas smbd[18945]:  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/freenas.webheath.local@WEBHEATH.LOCAL(kvno 2) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]
Jul  4 20:07:14 freenas smbd[18947]:  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/freenas.webheath.local@WEBHEATH.LOCAL(kvno 2) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]
Jul  4 20:07:14 freenas smbd[18948]:  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/freenas.webheath.local@WEBHEATH.LOCAL(kvno 2) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]

It looks like a DNS lookup is failing as there is a compound freenas.webheath.local (the name of my box) occuring. DNS works fine to the AD DC/GC from the Freenas shell.

Any help or guidance appreciated to help resolve this.

 

[pmccabe]

I'm getting a similiar error after upgrading...
http://forums.freenas.org/index.php?threads/9-2-1-6-upgrade-samba-issue.21980/

 

[Ed Hornsey]

A reboot of everything on my network and the taking some sleep seems to have put a halt to the error.

 

[jeroeng]

I have the same error's in the log. Will try a reboot.

A reboot didn't help. Any suggestions?

 

[Ed Hornsey]

After a day or so with no errors, a reboot has caused a return of the error messages

Code:

Jul  7 09:57:26 freenas smbd[6530]:  STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/freenas.webheath.local@WEBHEATH.LOCAL(kvno 5) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]

 

[yois]

+1 I'm getting these errors as well.

 

[morphastor]

have the same problem after the update, reboot solves the problem but the error reappears.

 

[dlavigne]

Did anyone figure out the cause of this error?

 

[Harrison]

Just upgraded from working 9.2.1.5 to 9.2.1.7 and now receiving this same error and lost access to all files.
Tried rebooting, stopping/restarting CIFS & directory services, all to no avail.

Just created a new thread: http://forums.freenas.org/index.php?threads/lost-cifs-after-upgrade-to-9-2-1-7.22781/

 

[jag3773]

We are having this same problem on 2 FreeNAS servers, one of them is at 9.2.1.7, the other is at 9.2.1.8.

I can see all the users and groups on the FreeNAS servers with wbinfo and `wbinfo -t` comes back correct ('checking the trust secret for domain EATON via RPC calls succeeded').

Any ideas?

 

[Stuart1]

+1 I'm getting these errors as well.

 

[David Miller]

Make sure all your CIFS share definitions have a valid volume/dataset point - I had deleted a ZFS dataset that was shared and was having these errors. Once I deleted the invalid share, the errors stopped immediately.
DM

 

[Dudleydogg]

Something on your network has same IP address as your SAN and is trying to access it cifs/freenas.webheath.local@WEBHEATH.LOCAL
so your netbios name is NOT freenas.webhealth.local but yet the ip for freenas.webhealth.local goes to the san, so Samba is like "HEY who are you trying to access me with a name that is not mine.
This may not be your issue but it was mine. I removed all dns for anything except the netbios name of the freenas box and disconnected any mapped drives that may have been using a previous name but same IP address. Hope this helps

 

[Randall_64]

I'm running FreeNAS-9.3-STABLE-201503150158 with the same 'smbd-' or 'cifs-' error. I really don't know if it's smbd or cifs due the errormessage:

Mar 17 10:24:06 ictnas kernel: <118>Mar 17 10:24:06 ictnas smbd[12132]: STATUS=daemon 'smbd' finished starting up to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/ICTNAS.company.intern@COMPANY.INTERN(kvno 25) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]

The errormessage above continues after seconds.

- Supplied the FreeNAS with another IP-address (10.100.10.150)
- Changed the DNS entry and reloaded DNS services at our DNS servers
- Did the client stuf 'ipconfig /flushdns'
- Removed the FreeNAS from AD and joined again

System-Hostname = ictnas.company.intern
Network - Hostname = ictnas
Network - Domain = company.intern
Network - IPv4 Default Gateway = 10.100.10.1
Netwerk - Nameserver 1: = 10.100.10.15
Netwerk - Nameserver 2: = 10.100.10.14
Netwerk - Nameserver 3: = 10.100.10.13

Sharing - Windows (CIFS) = /mnt/Volume01/Backup
Sharing - Windows (CIFS) = /mnt/Volume01/Data

Directory - Domain Name (DNS/Realm-Name): = company.intern
Directory - Domain Account Name: = Administrator
Directory - Domain Account Password: = xxxxxxxxxxxx
Directory - Kerberos Realm: = company.intern

Services - Cifs - NetBIOS name: = ictnas

I've been troubleshooting this for hours. Is there anybody able to pinpoint the problem?
Thank you in advance

 

[Dudleydogg]

You can have the Freenas setup perfectly but if you have a Cname reference to the Freenas IP address and some one tries to connect to that alternate Samba Name you will see that "Failed CIFS error message"
Reproduce create an alternate address in your dns for your san then \\bogusname and you see the error. so if any computer on your network is trying to hit the san you see Failed Cifs.
make sure it only has one dns name and it matches the samba name.

 

[SweetAndLow]

I'm running FreeNAS-9.3-STABLE-201503150158 with the same 'smbd-' or 'cifs-' error. I really don't know if it's smbd or cifs due the errormessage:

Mar 17 10:24:06 ictnas kernel: <118>Mar 17 10:24:06 ictnas smbd[12132]: STATUS=daemon 'smbd' finished starting up to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/ICTNAS.company.intern@COMPANY.INTERN(kvno 25) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]

The errormessage above continues after seconds.

- Supplied the FreeNAS with another IP-address (10.100.10.150)
- Changed the DNS entry and reloaded DNS services at our DNS servers
- Did the client stuf 'ipconfig /flushdns'
- Removed the FreeNAS from AD and joined again

System-Hostname = ictnas.company.intern
Network - Hostname = ictnas
Network - Domain = company.intern
Network - IPv4 Default Gateway = 10.100.10.1
Netwerk - Nameserver 1: = 10.100.10.15
Netwerk - Nameserver 2: = 10.100.10.14
Netwerk - Nameserver 3: = 10.100.10.13

Sharing - Windows (CIFS) = /mnt/Volume01/Backup
Sharing - Windows (CIFS) = /mnt/Volume01/Data

Directory - Domain Name (DNS/Realm-Name): = company.intern
Directory - Domain Account Name: = Administrator
Directory - Domain Account Password: = xxxxxxxxxxxx
Directory - Kerberos Realm: = company.intern

Services - Cifs - NetBIOS name: = ictnas

I've been troubleshooting this for hours. Is there anybody able to pinpoint the problem?
Thank you in advance

Start a new thread. You have a kerberos problem and are missing the proper principals in your keytab.

 

[Randall_64]

Dudleydogg, you did the trick. At least a sort off because of the use of different IP-addresses.
Now I realise the CIFS service wants to have its OWN ipaddress (Services - CIFS: Bind IP Addresses).
Second thing what I've changed is the FreeNAS system Information. Just to keep hostname to 'hostname.local' and not 'hostname.company.intern' (System - Information: Hostname).
At last I changed the WebGUI ip-address to a different ip-address as CIFS.
When I set the ip-address fixed for the WebGUI, the WebGUI is only accessable through ip-address; not by DNS. Even when DNS entries exist at DNS tables from our DNS servers.
Because I'm the only FreeNAS Admin I solved this issue in the local hosts-file at my PC.

At the moment I've an error-message-free FreeNAS console. I'm aware it's probably not the most optimal config and sometimes it looks/sounds like a workaround.
In my case it's fair enough for having an AD-joined FreeNAS with 2 Datasets of 10Tb each and AD-permissions.
To be clear for anyone; when joining AD and having CIFS I needed 2 network connections at the FreeNAS.

Thanks again Dudleydogg!

 

[tduval]

I'm having the same problem as Randall_64 Same exact error.

STATUS=daemon 'smbd' finished starting up to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/[EMAIL]ICTNAS.company.intern@COMPANY.INTERN[/EMAIL](kvno 25) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]

This just started happening out of the blue as far as I can tell. Everything was running fine on version FreeNAS-9.3-STABLE-201503130626 then teh errors started. Upgraded to FreeNAS-9.3-STABLE-201503270027 and same errors.

Is there a current thread of that specific issue?

Thanks

 

[Boss]

I just started getting this messages after applying the latest updates.

Apr 1 10:32:52 abbtxsan1 kernel: <118>Apr 1 10:32:52 abbtxsan1 smbd[9741]: STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/abbtxsan1.mikeabbott.org@MIKEABBOTT.ORG(kvno 13) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]

 

[kkwoodbrey]

I am getting the same issue after applying the latest updates.

Apr 1 21:34:22 solar2 kernel: <118>Apr 1 21:34:22 solar2 smbd[28487]: STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/solar2.woodbrey.int@WOODBREY.INT(kvno 13) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]