AD users/groups syncing

[Cinjin]

Hi All,

I am running on FreeNAS 11.3-U3.1 and two Active Directory Servers (one windows 2012 and one windows 2016). I recently added a group to AD and put myself in it and i see myself in that group on all servers in the office except on the FreeNAS server. On the FreeNAS server i do see that new group just not anyone assigned to it. I tried to rebuild the service cache with no change.

Any idea why it doesnt seem to be syncing properly ?

 

[anodos]

Hi All,

I am running on FreeNAS 11.3-U3.1 and two Active Directory Servers (one windows 2012 and one windows 2016). I recently added a group to AD and put myself in it and i see myself in that group on all servers in the office except on the FreeNAS server. On the FreeNAS server i do see that new group just not anyone assigned to it. I tried to rebuild the service cache with no change.

Any idea why it doesnt seem to be syncing properly ?

If `wbinfo -t` returns normally it's probably just a matter of caching. You can run `service winbindd status` in the CLI to get the PID for the winbindd process then `kill -HUP <pid>` to force it to discard the cache. May need to `net cache flush` if for some reason a negative lookup result is in there.

 

[Cinjin]

wbinfo - t returns as successful. I killed winbindd, did a 'net cache flush" and started winbindd but i still have the same issue where it doesnt show me as in that group on FreeNAS.

 

[Cinjin]

Everything seems to be synced now, it seems like after running those steps i just had to wait a long time.

 

[Cinjin]

Syncing seemed to take over a day to get it all working but these are the possible steps that may have fixed the issue if anyone else is having it:


In FreeNAS UI go to Directory Services > Active Directory > hit rebuild directory service cache.

SSH steps:

1. wbinfo -t > make sure the check comes back successful
2. Service winbindd stop
3. Net cache flush
4. Service winbindd start

Reboot AD servers.

 

[Cinjin]

It looks like i am still having an issue. So on my AD windows servers i have a group with say 10 people in it, everything looks good there but when i check some of those users on the FreeNAS server it does not show them in that group. So it may only show 8 people are in the group on the FreeNAS server. I am not sure why the servers are not synced. ANy suggestions ?

Here is the user showing on a Centos machine:

# id lucas
uid=10146(lucas) gid=65536(group1) groups=65536(group1),65539(domain users),65544(group2),65542(group3)

Here is the user showing on FreeNAS:

# id lucas
uid=10146(lucas) gid=65536(group1) groups=65536(group1),65539(domain users),90000002(BUILTIN\users)