Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

SOLVED Cannot join Active Directory (9.3 clean install with restored 9.2.1.9 config)

Status
Not open for further replies.

-M-

Newbie
Joined
Dec 14, 2014
Messages
2
Hello all,

I am having trouble joining 9.3 to Active Directory (Windows Server 2012 R2). The system had been running 9.2.1.9. I saved the 9.2.1.9 configuration, performed a clean installation of 9.3 onto new drives, and restored the 9.2.1.9 config.

Active Directory integration worked perfectly in 9.2.1.x. But after implementing 9.3 and restoring the 9.2.1.9 config I noticed none of the AD users or groups were showing up. I looked under Directory Service --> Active Directory and the restored configuration was there but the Enable checkbox was not checked. After checking it and clicking save, FreeNAS took about 60 seconds and then displayed the message: "The Service Failed to Restart".

I verified the correct NETBIOS name for the server is set under both Directory Service/Advanced Settings and the settings for the CIFS service (which is started). I also tried deleting the old computer account from AD (that was added when the 9.2.1.x server was joined to the domain), but all attempts to configure and enable Active Directory support in 9.3 still result in the message 'The Service Failed to Restart". A new computer account has also not been created in AD by the subsequent join attempts.

From the shell, wbinfo -g and wbinfo-u return nothing.

wbinfo -t results in:

checking the trust secret for domain DOMAIN via RPC calls failed
error code was NT_STATUS_NO_SUCH_DOMAIN (0xc00000df)
failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR
Could not check secret

and service ix-activedirectory restart displays:

No realm set, are we joined ?

I have tried specifying the name of the Domain Controller and a Global Catalog Server but neither helped. I also tried configuring the CIFS service for just the single network interface that connects to the network supporting Active Directory and that did not help either.

THANKS in advance if anyone has any tips or tricks that might get this working. Please let me know if there is any other information I can provide.

M

p.s the name of the AD domain is: domain.local.
 
Last edited:

-M-

Newbie
Joined
Dec 14, 2014
Messages
2
UPDATE:

I did a clean test install of 9.3 in a virtual machine as was able to join it to Active Directory without any difficulties. So I bit the bullet and re-installed 9.3 on my production storage server, not restoring the 9.2.1.9 config. This time I was able to join it to AD no problem. It's a bit of a pain to have to redo the rest of the system configuration but I am glad it is working.

Before I did the re-install I did try doing a Factory Restore but after rebooting and configuring a network interface the web console errored out with an "Unhandled Exception". The restoration of my old 9.2.1.9 config seems to have really gummed things up. Probably just a fluke in the grand scheme of things.

All is well now that everything is working.

M
 
Status
Not open for further replies.
Top