Hi All,
Ended up with some extra hardware and decided to setup another FreeNAS instance. All excited, about 20TB worth of SSD's, about another 100TB of 4TB SAS 10K drives, an HP DL585 with 32 threads and 384GB RAM... and the new and improved FreeNAS 9.3.1! Or that is how it started out anyways...
Fresh install of 9.3.1 FreeNAS-9.3-STABLE-201509022158.iso.
Configured IP, NTP, DNS, etc. All working. Followed the Active Directory instructions posted here:
http://doc.freenas.org/9.3/freenas_directoryservice.html#
Upon populating the AD info in the basic "Directory-->Active Directory" screen...
The GUI issues a red message:
"Unable to find domain controllers for OrlandoPG.net"
In the /var/log/debug.log we see:
Oct 1 18:24:39 THUNDERBIRD manage.py: [common.freenasldap:1086] FreeNAS_ActiveDirectory_Base.get_SRV_records: looking up SRV records for _ldap._tcp.dc._msdcs.orlandopg.net
and then the dreaded:
Oct 1 18:25:09 THUNDERBIRD manage.py: [common.freenasldap:1093] FreeNAS_ActiveDirectory_Base.get_SRV_records: no SRV records for _ldap._tcp.dc._msdcs.orlandopg.net found, fail!
So moving on to the troubleshooting section (http://doc.freenas.org/9.3/freenas_directoryservice.html#troubleshooting-tips):
[root@THUNDERBIRD] /var/log# host -t srv _ldap._tcp.dc._msdcs.orlandopg.net
and I get:
_ldap._tcp.dc._msdcs.orlandopg.net has SRV record 0 100 389 ad.orlandopg.net.
When I do this (not in trouble shooting section):
[root@THUNDERBIRD] /var/log# host -t srv _kerberos._tcp.dc._msdcs.orlandopg.net
I get this:
_kerberos._tcp.dc._msdcs.orlandopg.net has SRV record 0 100 88 ad.orlandopg.net.
When I do this:
[root@THUNDERBIRD] /var/log# ping ad.orlandopg.net
I get this:
PING ad.ORLANDOPG.NET (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: icmp_seq=0 ttl=128 time=0.111 ms
... (ad nauseum)
And when I test DNS/Reverse Lookups we have:
[root@THUNDERBIRD] /var/log# nslookup ad.orlandopg.net
Server: 192.168.1.2
Address: 192.168.1.2#53
Name: ad.orlandopg.net
Address: 192.168.1.2
[root@THUNDERBIRD] /var/log# nslookup 192.168.1.2
Server: 192.168.1.2
Address: 192.168.1.2#53
2.1.168.192.in-addr.arpa name = ad.orlandopg.net.
Our AD system is a simple one node AD/DNS with no forest of clones, no DNS alternatives, etc.
I have another older FN 9.2 instance authenticated to this same AD (yes, with many issues and workarounds, but finally working).
Now here is the real fun part; the configuration will not save since it fails to authenticate. I've tried several sets of credentials including the domain administrator with no luck. I've tried using Advanced mode and supplying the domain controller name.
Any help/ideas from anyone here?
My next step will be to downgrade to an older version until these horrible bugs are worked out.
Also, BTW, System-->Advanced-->Enable autotune --> On fails with a red message above "Periodic Notification User: nobody (in the dropdown box by default); The user nobody is not valid (and any other user that I select produces the same message, so therefore no settings on this page are saved.
This means that I'd probably not be able to take advantage of the large RAM footprint of this particular machine.
Sigh....
Thank you for your time and patience.
Ended up with some extra hardware and decided to setup another FreeNAS instance. All excited, about 20TB worth of SSD's, about another 100TB of 4TB SAS 10K drives, an HP DL585 with 32 threads and 384GB RAM... and the new and improved FreeNAS 9.3.1! Or that is how it started out anyways...
Fresh install of 9.3.1 FreeNAS-9.3-STABLE-201509022158.iso.
Configured IP, NTP, DNS, etc. All working. Followed the Active Directory instructions posted here:
http://doc.freenas.org/9.3/freenas_directoryservice.html#
Upon populating the AD info in the basic "Directory-->Active Directory" screen...
The GUI issues a red message:
"Unable to find domain controllers for OrlandoPG.net"
In the /var/log/debug.log we see:
Oct 1 18:24:39 THUNDERBIRD manage.py: [common.freenasldap:1086] FreeNAS_ActiveDirectory_Base.get_SRV_records: looking up SRV records for _ldap._tcp.dc._msdcs.orlandopg.net
and then the dreaded:
Oct 1 18:25:09 THUNDERBIRD manage.py: [common.freenasldap:1093] FreeNAS_ActiveDirectory_Base.get_SRV_records: no SRV records for _ldap._tcp.dc._msdcs.orlandopg.net found, fail!
So moving on to the troubleshooting section (http://doc.freenas.org/9.3/freenas_directoryservice.html#troubleshooting-tips):
[root@THUNDERBIRD] /var/log# host -t srv _ldap._tcp.dc._msdcs.orlandopg.net
and I get:
_ldap._tcp.dc._msdcs.orlandopg.net has SRV record 0 100 389 ad.orlandopg.net.
When I do this (not in trouble shooting section):
[root@THUNDERBIRD] /var/log# host -t srv _kerberos._tcp.dc._msdcs.orlandopg.net
I get this:
_kerberos._tcp.dc._msdcs.orlandopg.net has SRV record 0 100 88 ad.orlandopg.net.
When I do this:
[root@THUNDERBIRD] /var/log# ping ad.orlandopg.net
I get this:
PING ad.ORLANDOPG.NET (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: icmp_seq=0 ttl=128 time=0.111 ms
... (ad nauseum)
And when I test DNS/Reverse Lookups we have:
[root@THUNDERBIRD] /var/log# nslookup ad.orlandopg.net
Server: 192.168.1.2
Address: 192.168.1.2#53
Name: ad.orlandopg.net
Address: 192.168.1.2
[root@THUNDERBIRD] /var/log# nslookup 192.168.1.2
Server: 192.168.1.2
Address: 192.168.1.2#53
2.1.168.192.in-addr.arpa name = ad.orlandopg.net.
Our AD system is a simple one node AD/DNS with no forest of clones, no DNS alternatives, etc.
I have another older FN 9.2 instance authenticated to this same AD (yes, with many issues and workarounds, but finally working).
Now here is the real fun part; the configuration will not save since it fails to authenticate. I've tried several sets of credentials including the domain administrator with no luck. I've tried using Advanced mode and supplying the domain controller name.
Any help/ideas from anyone here?
My next step will be to downgrade to an older version until these horrible bugs are worked out.
Also, BTW, System-->Advanced-->Enable autotune --> On fails with a red message above "Periodic Notification User: nobody (in the dropdown box by default); The user nobody is not valid (and any other user that I select produces the same message, so therefore no settings on this page are saved.
This means that I'd probably not be able to take advantage of the large RAM footprint of this particular machine.
Sigh....
Thank you for your time and patience.