Ben SysAdmin
Cadet
- Joined
- Apr 9, 2014
- Messages
- 5
I follow a thread I found in this forum
My setup fail at service ix-activedirectory start with error
DNS Update for freenas.local failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL
I made the exact same thing on a old setup I had in virtualbox and its working fine. When I try with 9.2.17 my freenas join the domain but return me the dns error.
I use samba4 DC
My working config in 9.1.1
my not working config in 9.2.1.7
I don't know if you need more config file. Let me know if someone can try to work with me to make it working in 9.2.1.7
sqlite3 /data/freenas-v1.db "update services_services set srv_enable = 1 where srv_service = 'directoryservice'"
service ix-kerberos start
service ix-kinit start
service ix-kinit status
echo $? # this should be 0
klist # this should show kerberos tickets
service ix-pam start
service ix-nsswitch start
service ix-samba start
service ix-activedirectory start
service ix-activedirectory status
echo $? # this should be 0
service samba restart
My setup fail at service ix-activedirectory start with error
DNS Update for freenas.local failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL
I made the exact same thing on a old setup I had in virtualbox and its working fine. When I try with 9.2.17 my freenas join the domain but return me the dns error.
I use samba4 DC
My working config in 9.1.1
cat /etc/krb5.conf
[appdefaults]
pam = {
forwardable = true
ticket_lifetime = 36000
renew_lifetime = 36000
}
[libdefaults]
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
clockskew = 300
forwardable = yes
default_realm = MTL.DOMAIN.COM
[logging]
default = SYSLOG:INFO:LOCAL7
[realms]
MTL.DOMAIN.COM = {
kdc = gaia.DOMAIN.com:88
admin_server = gaia.DOMAIN.com:88
default_domain = mtl.DOMAIN.com
kpasswd_server = gaia.DOMAIN.com:88
}
[domain_realm]
mtl.DOMAIN.com = MTL.DOMAIN.COM
.mtl.DOMAIN.com = MTL.DOMAIN.COM
MTL.DOMAIN.COM = MTL.DOMAIN.COM
.MTL.DOMAIN.COM = MTL.DOMAIN.COM
my not working config in 9.2.1.7
[appdefaults]
pam = {
forwardable = true
ticket_lifetime = 86400
renew_lifetime = 86400
}
[libdefaults]
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
clockskew = 300
forwardable = yes
default_realm = MTL.DOMAIN.COM
[logging]
default = SYSLOG:INFO:LOCAL7
[realms]
MTL.DOMAIN.COM = {
kdc = gaia.DOMAIN.com:88
admin_server = gaia.DOMAIN.com:88
default_domain = mtl.DOMAIN.com
kpasswd_server = gaia.DOMAIN.com:88
}
[domain_realm]
mtl.DOMAIN.com = MTL.DOMAIN.COM
.mtl.DOMAIN.com = MTL.DOMAIN.COM
MTL.DOMAIN.COM = MTL.DOMAIN.COM
.MTL.DOMAIN.COM = MTL.DOMAIN.COM
I don't know if you need more config file. Let me know if someone can try to work with me to make it working in 9.2.1.7