AD and CIFS Configuration

[ashishchandrakar]

Hi....

Is any pre requisite to integrate AD of Windows 2003 into FreeNAS 8.0.4 64 bit version.

I am trying to start AD in freenas but couldn't started.

 

[winstontj]

I'll bump this thread rather than start a new one.

I'm getting an error "failure to join domain, invalid credentials"

I can ping both machines but that's about it. I can ping via host name and via IP from both the AD server and the Shell of FreeNAS. I have set up AD before on a FreeNAS box but it's been a while. I feel like I'm missing something dumb. I am following the docs exactly as written but it's failing at the authentication level and I can't get past it. Good news is that the two boxes are talking enough to fail authentication - but that's it.

 

[bfishernc]

I recently did this - didn't have any issues. I'm not an expert but will try to help if I can.

Did you follow the AD page in documentation? http://doc.freenas.org/index.php/Active_Directory

I used IP address rather than host name, and I needed my full domain (home.fisher... not just fisher). I used Fisher in the workgroup name. And then used an Admin/password and it connected.

It automatically updates daily, or I can manually force an update.

 

[winstontj]

I recently did this - didn't have any issues. I'm not an expert but will try to help if I can.

Did you follow the AD page in documentation? http://doc.freenas.org/index.php/Active_Directory

I used IP address rather than host name, and I needed my full domain (home.fisher... not just fisher). I used Fisher in the workgroup name. And then used an Admin/password and it connected.

It automatically updates daily, or I can manually force an update.

Yes, I followed the documentation and the "workgroup" is what's hanging me up. I have a rather complex setup but essentially the FreeNAS box is a VM (dedicated RAID array but not 100% dedicated hardware) and will only be connecting to machines that are within the AD Domain. All of those computers (virtual or PC's or servers) are already joined to the Domain so quite literally each of the machines I'm trying to connect to the FreeNAS box don't have a workgroup because adding them to the Domain over-writes that.

Should I leave "Workgroup" blank? I have no problems pinging things (so I know it's not a firewall issue) but I just can't get the thing to join the Domain. I have two other FreeNAS boxes that are in windows workgroups and they work fine, my issue is probably something stupid with the AD setup.

I followed the documentation but I'm stuck at the authentication failure.

EDIT: Thank you very much for the reply, I appreciate it.

 

[winstontj]

I'm to the point that I can ping the IP, host name and domain name (FQDN) from either the AD server or the FreeNAS VM.

From AD Server:
Ping xx.xx.xx.x
Ping FreeNAS
Ping domain.net
^^ all works and returns <1ms pings

From FreeNAS:
Ping xx.xx.xx.x
Ping ADSRVxx
Ping domain.net
^^^ All work from console shell and return values of <1ms

I know that the AD Services are running because if I shut down the server my remote desktop will not allow me to authenticate onto some of my VMs. As soon as I turn the (Virtual) AD server back on I can log into anything I need to.

I was having issues with pinging but after I added the DNS record to the AD Server there were no problems with pings.

That's about how far I can get. Regarding Kerberos, both VMs are running on the same host server and both are set to sync with the host as well as I have manually added all the same NTP addresses to both the host server, AD server and the FreeNAS box.

 

[winstontj]

Still having issues, not even sure how to troubleshoot at this point.

When I use "Administrator" and the proper AD Server Administrator PW I receive a login credentials failure. (no idea why) When I use a different AD account (created with exactly the same memberships, privileges and permissions as the Administrator account) I get a general failure.

When I follow the steps in the http://doc.freenas.org/index.php/Active_Directory I am following exactly as stated. I can ping just as before. When I go into Services > Control Services and I try to switch Active Directory on it shows an error up top saying "The service could not be started".

I know that the FreeNAS box is at least hitting and talking to the AD Server since when I use the proper admin credentials I am returned with an "invalid login" error.

Any ideas or suggestions?

Thanks.

 

[TJ Wenger]

Just a heads up, I'm having the same problem. My service won't start as well, everything checks out as you stated.

 

[winstontj]

Well hopefully someone has figured out how to run FreeNAS on a VM and use AD. Hopefully they will also chime in.

The several hour time difference between the OS clock and the (virtual) CMOS/BIOS clock is buggering things up.