Active Directory Faulted - Windows Server 2003

U

UTELChris

Cadet
Joined
Sep 21, 2021
Messages
3
Hi,

I have setup a fresh TrueNAS 12.0-U5.1 VM.
The purpose is to host the company file server and I need to be able to manage share permissions with AD users/groups.
The AD version is 2003, we are planning to upgrade to 2019 but with the current hardware shortages at the moment that is months away, so have to work with 2003 for the moment.

When I try to setup the AD link in directory services it comes back with a status of faulted and the following notification.


Attempt to connect to netlogon share failed with error: [EFAULT] failed to call wbcPingDc: Domain is not trusted or cannot be found..

I have set the NTP server to the DC and tried creating the computer account in AD first.
The hostname has been set to the netbios name.


I get a leave domain button after the attempt but if I leave the page and go back its gone.
If I try the leave domain button and give it credentials it seems to work. If I supply the wrong password intentionally both on the join and leave I get a bad credentials message indicating that there is communication between TrueNAS and the DC.

I'm a bit stumped on how to progress and would really appreciate any help/tips.

Thanks.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
Modern Samba does not permit its SMB client libraries to use SMB1 by default. Server 2003 doesn't support SMB 2/3. You will need to set client min protocol = NT1 in Services->SMB.
 
U

UTELChris

Cadet
Joined
Sep 21, 2021
Messages
3
anodos said:
Modern Samba does not permit its SMB client libraries to use SMB1 by default. Server 2003 doesn't support SMB 2/3. You will need to set client min protocol = NT1 in Services->SMB.
Click to expand...

Thanks for your advise, apologies I forgot to mention that I have already ticked the checkbox for "Enable SMB1 support" on the SMB service and has not made a difference.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
UTELChris said:
Thanks for your advise, apologies I forgot to mention that I have already ticked the checkbox for "Enable SMB1 support" on the SMB service and has not made a difference.
Click to expand...
No. That's for the SMB _server_. Auxiliary parameter is for SMB client libraries. AD member servers connect to the domain controller. You need to basically disable security in order for us to bind to Server 2003 (which is ancient and should _never_ be used in production).
 
U

UTELChris

Cadet
Joined
Sep 21, 2021
Messages
3
anodos said:
No. That's for the SMB _server_. Auxiliary parameter is for SMB client libraries. AD member servers connect to the domain controller. You need to basically disable security in order for us to bind to Server 2003 (which is ancient and should _never_ be used in production).
Click to expand...
After reading both of your comments carefully I understand the setting and what you meant now.
I now have a "Healthy" join after adding the suggested config to the "Auxiliary Parameters" field in the advanced options for the SMB service.

Noted about the security and shouldn't be used in production. Like I mentioned it will only be short term hopefully while we wait on new hardware that can support modern Windows Server.

Thanks very much for your time and help.
 
You must log in or register to reply here.

Similar threads

M
AD Loses Connection After Reboot [ TrueNAS-12.0-U3.1 ]
Replies
1
Views
2K
matthew.mcmanus
M
scotrod
AD/SMB not working after system reboot
2
Replies
32
Views
9K
juwani
J
K
Active Directory Users not showing up
Replies
2
Views
2K
Konrad.Jaschke
K
S
Active directory disconnected continuously
Replies
3
Views
568
Davvo
Davvo
O
Active Directory not working (21.02-Alpha.1)
Replies
7
Views
4K
kryojenik
K
Top