Hi,
So here is more info about my config:
FreeNAS 11.1U1 running on ESXi 6.5 VM
Windows Server 2016 Active Directory, standard schema (default AD installation)
uidNumber and gidNumber are set for users I want to use and are in the 10000-20000 range
FreeNAS settings:
- Network settings:
Host : freenas
Domain : home.lan
Gateway : 192.168.1.1
DNS 1 : 192.168.1.100 #WS2016 DNS
Network Interface : Add -> em0 -> DHCP #DHCP managed by WS2016
- NTP configuration OK. Using AD server for NTP.
- Directory settings:
DNS : home.lan
Account : Administrateur
Password : PASSWORD
Idmap : ad (uidNumber and gidNumber provided in my AD for users I want to use)
Netbios Name : FREENAS
- SMB settings:
Netbios : FREENAS
Workgroup : HOME
Everything else : default
smb4.conf
Code:
[global]
encrypt passwords = yes
dns proxy = no
strict locking = no
oplocks = yes
deadtime = 15
max log size = 51200
max open files = 234812
logging = file
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
getwd cache = yes
guest account = nobody
map to guest = Bad User
obey pam restrictions = yes
ntlm auth = no
directory name cache size = 0
kernel change notify = no
panic action = /usr/local/libexec/samba/samba-backtrace
nsupdate command = /usr/local/bin/samba-nsupdate -g
server string = FreeNAS Server
ea support = yes
store dos attributes = yes
lm announce = yes
hostname lookups = yes
time server = yes
acl allow execute always = true
dos filemode = yes
multicast dns register = yes
domain logons = no
idmap config *: backend = tdb
idmap config *: range = 90000001-100000000
server role = member server
workgroup = HOME
realm = HOME.LAN
security = ADS
client use spnego = yes
local master = no
domain master = no
preferred master = no
ads dns update = yes
winbind cache time = 7200
winbind offline logon = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind use default domain = no
winbind refresh tickets = yes
idmap config HOME: backend = ad
idmap config HOME: range = 10000-90000000
idmap config HOME: schema mode = rfc2307
allow trusted domains = no
client ldap sasl wrapping = plain
template shell = /bin/sh
template homedir = None/%D/%U
netbios name = FREENAS
create mask = 0666
directory mask = 0777
client ntlmv2 auth = yes
dos charset = CP437
unix charset = UTF-8
log level = 1
wbinfo -u returns
HOME\administrateur
HOME\invité
HOME\defaultaccount
HOME\krbtgt
HOME\alex
HOME\pauline
HOME\ktpasssystemuser
HOME\ldap
id alex returns:
User doesn't exist
wbinfo -i alex
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user alex
Problem is, AD users and groups don't show in the web interface, nor can I use them for my volume permissions.
Thanks a lot for helping!
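
An added example, not part of the original post: a Python check of the identity-mapping lines from the smb4.conf above. It verifies that the idmap ranges do not overlap, that the ad backend's range covers the 10000-20000 uidNumber range, and whether lookups need a domain-qualified name. The `parse` and `audit` helpers and the trimmed `SMB_CONF` sample are constructed for illustration.

```python
import re

# Constructed sample: identity-mapping lines copied from the smb4.conf above.
SMB_CONF = """\
[global]
idmap config *: backend = tdb
idmap config *: range = 90000001-100000000
winbind use default domain = no
idmap config HOME: backend = ad
idmap config HOME: range = 10000-90000000
idmap config HOME: schema mode = rfc2307
"""

IDMAP_RE = re.compile(r"^idmap config\s+(\S+?)\s*:\s*(.+?)\s*=\s*(.+)$", re.I)

def parse(conf):
    idmap, other = {}, {}
    for line in (raw.strip() for raw in conf.splitlines()):
        if not line or line[0] in "#;[":
            continue
        m = IDMAP_RE.match(line)
        if m:
            idmap.setdefault(m.group(1), {})[m.group(2).lower()] = m.group(3)
        elif "=" in line:
            key, value = line.split("=", 1)
            other[key.strip().lower()] = value.strip()
    return idmap, other

def audit(conf, uid_lo, uid_hi):
    """Return findings for a directory whose uidNumbers span uid_lo..uid_hi."""
    idmap, other = parse(conf)
    ranges = {d: tuple(int(n) for n in o["range"].split("-"))
              for d, o in idmap.items() if "range" in o}
    findings, doms = [], sorted(ranges)
    # Samba requires idmap ranges to be disjoint across domains.
    for i, a in enumerate(doms):
        for b in doms[i + 1:]:
            if ranges[a][0] <= ranges[b][1] and ranges[b][0] <= ranges[a][1]:
                findings.append(f"idmap ranges of {a} and {b} overlap")
    # The ad backend ignores IDs outside the configured range.
    for d in doms:
        if idmap[d].get("backend") == "ad":
            lo, hi = ranges[d]
            if uid_lo < lo or uid_hi > hi:
                findings.append(f"uidNumbers {uid_lo}-{uid_hi} fall outside {d} range {lo}-{hi}")
    # With this option off, winbind only resolves DOMAIN\user style names.
    if other.get("winbind use default domain", "no").lower() not in ("yes", "true", "1"):
        findings.append("winbind use default domain is off: use DOMAIN\\user in lookups")
    return findings
```

Calling `audit(SMB_CONF, 10000, 20000)` on the posted values reports only the domain-qualification finding; the two ranges are disjoint and the HOME range covers the uidNumbers.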