Can't enable LDAP Directory Service

Status
Not open for further replies.

xenu

Dabbler
Joined
Nov 12, 2015
Messages
43
Hello,

when I try to enable LDAP via FreeNAS UI Directory->LDAP and hit save the data gets saved and I get a green confirmation box 'LDAP successfully updated'. The 'Enable' checkbox becomes unticked though and I can't see my ldap users & groups in user/group select.
The console shows the following:
Code:
Dec 22 13:43:56 freenas LDAP: /usr/sbin/service ix-ldap forcestop
Dec 22 13:43:57 freenas LDAP: /usr/sbin/service ix-nsswitch quietstop
Dec 22 13:43:58 freenas LDAP: /usr/sbin/service ix-pam quietstop
Dec 22 13:43:58 freenas LDAP: /usr/sbin/service ix-cache quietstop &
Dec 22 13:43:59 freenas LDAP: /usr/sbin/service ix-kinit quietstop
Dec 22 13:44:01 freenas LDAP: /usr/sbin/service ix-ldap quietstart
Dec 22 13:44:03 freenas LDAP: /usr/sbin/service ix-pre-samba start
Dec 22 13:44:04 freenas generate_smb4_conf.py: [common.pipesubr:71] Popen()ing: /usr/local/bin/net -d 0 getlocalsid
Dec 22 13:44:04 freenas generate_smb4_conf.py: [common.pipesubr:71] Popen()ing: /sbin/sysctl -n 'kern.maxfilesperproc'
Dec 22 13:44:04 freenas generate_smb4_conf.py: [common.pipesubr:71] Popen()ing: /usr/local/bin/net -d 0 getlocalsid


/var/log/slapd on the OpenLDAP server looks fine to me:
Code:
Dec 22 13:44:05 ldap slapd[1536]: conn=1198 fd=15 ACCEPT from IP=10.0.20.4:53025 (IP=0.0.0.0:389)
Dec 22 13:44:05 ldap slapd[1536]: conn=1198 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Dec 22 13:44:05 ldap slapd[1536]: conn=1198 op=0 STARTTLS
Dec 22 13:44:05 ldap slapd[1536]: conn=1198 op=0 RESULT oid= err=0 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 fd=15 TLS established tls_ssf=256 ssf=256
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=1 BIND dn="cn=nssproxy,ou=users,dc=redacted,dc=de" method=128
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=1 BIND dn="cn=nssproxy,ou=users,dc=redacted,dc=de" mech=SIMPLE ssf=0
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=1 RESULT tag=97 err=0 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=2 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=3 UNBIND
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 fd=15 closed
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 fd=15 ACCEPT from IP=10.0.20.4:11278 (IP=0.0.0.0:389)
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=0 STARTTLS
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=0 RESULT oid= err=0 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 fd=15 TLS established tls_ssf=256 ssf=256
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=1 BIND dn="cn=nssproxy,ou=users,dc=redacted,dc=de" method=128
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=1 BIND dn="cn=nssproxy,ou=users,dc=redacted,dc=de" mech=SIMPLE ssf=0
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=1 RESULT tag=97 err=0 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 op=2 UNBIND
Dec 22 13:44:06 ldap slapd[1536]: conn=1199 fd=15 closed


The thing is: I had it working before. Here is what happened:

- The first time I installed FreeNAS (2 weeks ago?) I installed and ran through the wizard without LDAP configured.
- Afterwards I installed an OpenLDAP VM, configured it
- I tried to setup LDAP Directory Service on FreeNAS accordingly - did not work, result same as above

a couple days later:
- a FreeNAS update was released
- did a fresh install, setting up LDAP DS during the install wizard this time, everything worked fine

yet another couple days later:
- decided to update my hypervisor
- disabled LDAP DS in FreeNAS as I had to take down the OpenLDAP VM, and was worried about it not being reachable
- updated hypervisor, restored VM from snapshot
- tried to enable LDAP DS on FreeNAS again: not working anymore
- tried to go through the wizard again (no fresh install, still have to try that when I get a chance), no dice

Doing an ldapsearch manually on a FreeNAS ssh terminal works fine with the authentication provided.

Does anyone have any advice on how to troubleshoot this? Thanks.

Edit:
I did some more digging around and noticed I do not have a 'sssd.conf' anymore. I am pretty sure that has to do with it. I think during the reinstall after which ldap worked I saw 'generate_sssd_conf.py' being called instead of 'generate_smb4_conf.py'.
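
As an added example (not part of the original post and not FreeNAS or OpenLDAP code), a small Python check for slapd logs in the format shown above: it groups lines per connection and flags simple binds sent before TLS is established or answered with a non-zero result. The sample log is constructed; the `dc=example,dc=org` DN and the `conn=7` entries with `err=49` are invented to show a flagged case.

```python
import re
from collections import defaultdict

# Constructed sample in the slapd log format from the post. conn=7 is an
# invented cleartext simple bind so the check has something to flag.
SAMPLE = """\
Dec 22 13:44:05 ldap slapd[1536]: conn=1198 op=0 STARTTLS
Dec 22 13:44:05 ldap slapd[1536]: conn=1198 op=0 RESULT oid= err=0 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 fd=15 TLS established tls_ssf=256 ssf=256
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=1 BIND dn="cn=nssproxy,ou=users,dc=example,dc=org" mech=SIMPLE ssf=0
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=1 RESULT tag=97 err=0 text=
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=2 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Dec 22 13:44:06 ldap slapd[1536]: conn=1198 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Dec 22 13:45:00 ldap slapd[1536]: conn=7 op=0 BIND dn="cn=nssproxy,ou=users,dc=example,dc=org" mech=SIMPLE ssf=0
Dec 22 13:45:00 ldap slapd[1536]: conn=7 op=0 RESULT tag=97 err=49 text=
"""

LINE = re.compile(r"slapd\[\d+\]: conn=(\d+) (?:op=(\d+)|fd=\d+) (.*)")

def summarize(log):
    """Return {conn_id: {tls_ssf, binds, searches, findings}} for a slapd log."""
    conns = defaultdict(lambda: {"tls_ssf": 0, "binds": [], "searches": [], "findings": []})
    bind_dn = {}  # (conn, op) -> DN, so the RESULT line can be paired with its BIND
    for line in log.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        cid, op, rest = int(m.group(1)), m.group(2), m.group(3)
        c = conns[cid]
        if rest.startswith("TLS established"):
            c["tls_ssf"] = int(re.search(r"tls_ssf=(\d+)", rest).group(1))
        elif rest.startswith("BIND") and "mech=SIMPLE" in rest:
            dn = re.search(r'dn="([^"]*)"', rest).group(1)
            bind_dn[(cid, op)] = dn
            if c["tls_ssf"] == 0:  # password crossed the wire unencrypted
                c["findings"].append(f"simple bind for {dn} sent without TLS")
        elif rest.startswith("RESULT tag=97"):  # tag 97 = bind response
            err = int(re.search(r"err=(\d+)", rest).group(1))
            c["binds"].append((bind_dn.get((cid, op)), err))
            if err != 0:
                c["findings"].append(f"bind failed with err={err}")
        elif rest.startswith("SEARCH RESULT"):
            c["searches"].append(int(re.search(r"nentries=(\d+)", rest).group(1)))
    return dict(conns)

if __name__ == "__main__":
    for cid, c in summarize(SAMPLE).items():
        print(cid, c)
```

A connection with an empty `findings` list, like the two in the post, means the bind succeeded over TLS, so the failure has to be looked for on the client side.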
 

Jelmer

Cadet
Joined
Mar 11, 2014
Messages
8
I have the same issue. I've updated today; after the reboot LDAP users cannot authenticate anymore. After trying to disable and enable LDAP, I cannot enable it anymore. I've filed a bug report: ID 12927
 

xenu

Dabbler
Joined
Nov 12, 2015
Messages
43
Thanks Jelmer!
I tried the patch offered by Josh Paetzel in the bug report and it resolved my issue as well. I have a sssd.conf again and ldap works :)
 