Active Directory Users Not Populating User/Members Lists

[Dave Bridges]

This is for FreeNas-9.1.1, I am using active directory which appears to be connecting ok, since the following list users/groups from that server with no problems

wbinfo -u
wbinfo -g

I can also join to ads with an authorized user

net ads join -U myusername

I can also connect to a server when that user is set as the owner of the share. However when i look at users under Account -> User -> View Users none are listed. More problematically, when I try to add members to a group, only the local users are shown. I am thinking there may be a problem with the AD list being saved to the internal FreeNAS directory, but I am not sure how to troubleshoot this. I need group level permissions because the way it is configured now, only the owner has permission to read/write any shared files. Any advice would be much appreciated

 

[dgux]

I can confirm that something is really broken regarding AD + 9.1.1.
No way to join through the "Directory Service" --> I always get a "Service cannot be started".
Joining via CLI was also not possible.
I set following in the "Auxiliary Parameter" under CIFS service:

realm = XXX.YY​

preferred master = no​

security = ADS​

winbind use default domain = Yes​

winbind separator = +​

idmap uid = 600-20000​

idmap gid = 600-20000​

template shell = /bin/bash​

winbind enum groups​

winbind enum users​

winbind nested groups = Yes​

After this I can successfully join via CLI:

kinit administrator​

administrator@XXX's Password: --> Successfully got Kerberos​

net ads join -U administrator​

Enter administrator's password:​

Using short domain name -- XXX​

Joined 'NAS01' to dns domain 'xxx.yy'​

winbindd​

wbinfo -u​

administrator​

guest​

krbtgt​

gcadmin​

Even after a successful CLI join the "Directory Service" cannot be started and neither users nor groups appears in FreeNAS.

 

[Dave Bridges]

That is not my issue, I can get directory service, and I can see the AD users and groups on the pull down menus, they just aren't choices on the members page to add to a group

 

[dgux]

Was just a way to say that the AD implementation on 9.1.1 is not really useful.
Waiting for 9.1.2

 

[robdeep]

I have this exact same behavior with 9.1.1. I can add AD users and groups to FreeNas shares, but they are not listed in the FreeNas users and groups pages in the GUI. Is this this the expected behavior?