Active Directory not working (21.02-Alpha.1)

O

ozoo

Dabbler
Joined
Feb 6, 2020
Messages
16
Hi

Since I've installed the first Alpha of True NAS Scale, Active Directly has always been broken.
I Didn't investigate too much since it was an early version.
I just upgraded to TrueNAS-SCALE-21.02-ALPHA.1, and AD is still not working, with a different error this time.
Not sure where to look to troubleshoot that
Right now, I'm getting an alert stating
Attempt to connect to netlogon share failed with error: [EFAULT] could not obtain winbind interface details: Winbind daemon is not available. could not obtain winbind domain name! failed to call wbcPingDc: Winbind daemon is not available..

In the Credentials/Directory Service/Active Directory, I don't see any trace of any error, but there's no "test" button, so I'm not too sure if my settings are correct or not.

Is AD supposed to be functional in this version ?
And if so, how do I troubleshoot it ?

Thanks
 
Last edited:
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
ozoo said:
Hi

Since I've installed the first Alpha of True NAS Scale, Active Directly has always been broken.
I Didn't investigate too much since it was an early version.
I just upgraded to TrueNAS-SCALE-21.02-ALPHA.1, and AD is still not working, with a different error this time.
Not sure where to look to troubleshoot that
Right now, I'm getting an alert stating
Attempt to connect to netlogon share failed with error: [EFAULT] could not obtain winbind interface details: Winbind daemon is not available. could not obtain winbind domain name! failed to call wbcPingDc: Winbind daemon is not available..

In the Credentials/Directory Service/Active Directory, I don't see any trace of any error, but there's not "test" button, so I'm not too sure if my settings are correct or not.

Is AD supposed to be functional in this version ?
And if so, how do I troubleshoot it ?

Thanks
Click to expand...
Possibly an issue I fixed earlier today. Try the following steps:
1) input credentials and AD info, but leave "enable" unchecked"
2) from shell run command "midclt call activedirectory.start".
3) watch progress of AD join in task manager in top-right of screen until complete.
 
O

ozoo

Dabbler
Joined
Feb 6, 2020
Messages
16
Thanks !
I'm getting a bit further now, as the task manager now gives me an error
Error: [EFAULT] Failed to join domain: Failed to set account flags for machine account (NT_STATUS_ACCESS_DENIED)
Maybe something wrong with my AD settings.
I can't even find a textbox to reenter the password for the AD. How do I reset it ?
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
ozoo said:
Thanks !
I'm getting a bit further now, as the task manager now gives me an error
Error: [EFAULT] Failed to join domain: Failed to set account flags for machine account (NT_STATUS_ACCESS_DENIED)
Maybe something wrong with my AD settings.
I can't even find a textbox to reenter the password for the AD. How do I reset it ?
Click to expand...
This error message means that your account lack sufficient privileges to join the server to the AD domain.
 
O

ozoo

Dabbler
Joined
Feb 6, 2020
Messages
16
Thanks

Looks like the account was ok, but for some reason refused to work.
I managed to make it work by leaving the domain, and joining again.
Now, the next issue is the smb share is not working.
When I go to Shares/Windows Shares/ Edit FileSystem ACL, I see a red message stating "Could not find a user name for this user ID. " for the user (likewise for the group)
How can I confirm what AD ids TrueNAS is actually seeing in the UI ?
 
K

kryojenik

Cadet
Joined
Oct 22, 2020
Messages
2
I just recently did a new install of 21.02 AD isn't working there. wbinfo commands and getent were able to show users and groups from the domain, but smbclient -L 127.0.0.1 commands would fail authentication.

Long story of digging and trouble shooting... 21.02 had nscd running and 20.10 did not. nscd does not play nice with winbind. This is the exact issue seen when both are running.


# systemctl stop nscd

and suddenly all my SMB shares started working again.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
kryojenik said:
I just recently did a new install of 21.02 AD isn't working there. wbinfo commands and getent were able to show users and groups from the domain, but smbclient -L 127.0.0.1 commands would fail authentication.

Long story of digging and trouble shooting... 21.02 had nscd running and 20.10 did not. nscd does not play nice with winbind. This is the exact issue seen when both are running.


# systemctl stop nscd

and suddenly all my SMB shares started working again.
Click to expand...
In the latest nightlies I disable nscd when AD starts. I didn't realize it was starting automatically in SCALE until fairly recently.
 
K

kryojenik

Cadet
Joined
Oct 22, 2020
Messages
2
anodos said:
In the latest nightlies I disable nscd when AD starts. I didn't realize it was starting automatically in SCALE until fairly recently.
Click to expand...
Awesome... Just ran across NAS-109321 too. Was going to report is, but saw you already had it covered. ;)
 
You must log in or register to reply here.

Similar threads

scotrod
AD/SMB not working after system reboot
2
Replies
32
Views
8K
juwani
J
R
FreeNAS 11.3 & Active Directory Domain
Replies
11
Views
6K
root31337
R
M
AD Loses Connection After Reboot [ TrueNAS-12.0-U3.1 ]
Replies
1
Views
2K
matthew.mcmanus
M
M
Unable to connect to domain after upgrade from 11.2.7 to 11.3
Replies
5
Views
15K
pierreschmitz
P
O
Upgrade from Freenas 11.1-U7 to 11.3-U2 (CIFS/ SMB will not start)
Replies
4
Views
2K
anodos
anodos
Top