(FreeNAS 8.3.1) AD service doesn't start

[Gdetch]

Hello,

I am currently trying to install a freenas server (version 8.3.1, 64 bits) in a Windows network. It is running on an usb key.

System informations :

Build FreeNAS-8.3.1-RELEASE-p2-x64 (r12686+b770da6_dirty)
Platform AMD A4-5300 APU with Radeon(tm) HD Graphics
Memory 3533MB

On my first try, everything worked well and AD users were visible with wbinfo -u.
The service was able to start.

However, despite the fact that my domain administrator account only have rights on one AD Organisation Unit, all the domain users (~39k) were visible on freenas in winbind db. I then tried to bind to a single OU but couldn't find any way to do it.

I gave up the idea of binding to a single OU, but I couldn't go back to a working state of the active directory service.

I reinstalled freenas on my usb key, I set my configuration back manually (time, global settings, network settings, volumes, etc) but I can't get AD to work like the first time.
(I get the "The service could not be started" error when I try to activate the AD service switch)

Do you guys have any idea to help me to solve my problem?

Ps: My english may be pretty bad, sorry about that.

 

[Gdetch]

Hello again,

My problem is now different. I reinstalled freenas once again and now the AD Switch in WebGUI is on.

However, wbinfo -u gives me this error :

Error looking up domain users

and almost all commands such as wbinfo -m give :

WBC_ERR_WINBIND_NOT_AVAILABLE

During the system boot, I get this error :

Failed to join domain: failed to join domain 'I_REPLACED_MY_DOMAIN_HERE' over rpc : NT_STATUS_QUOTA_EXCEEDED

But in the last lines of /var/log/messages, I got :

kerberos_start: Successful
[...]
AD_join_domain: net ads join -U <my admin account name>
AD_join_domain: Successful

I don't know how to interpret this, can anybody please help me ?
I can provide the whole messages file if needed.

 

[William Grzybowski]

There is a checkbox to turn debug on in the AD screen, try turning that on for extra messages in /var/log/messages, if you have not done that yet.

 

[Gdetch]

Hello,

Verbose logging is checked.

Also, it looks like active directory service is partly active, as I am unable to access to my CIFS share from Windows Explorer when the AD switch is ON.
I still get the errors I described in my second post.

 

[Gdetch]

I've been able to fix my problem.

 

[William Grzybowski]

Please share your solution so other can benefit from it.

 

[Gdetch]

In my case, I had to declare my Freenas server in the active directory controler (most of the tutorials I read only tell you to create a DNS entry, and I couldn't get it to work that way)
I did so, but for some reasons it vanished after my first installation.
I created it back on my AD controler in the servers OU, made a fresh new install and everything went well just like the first time.

I decided to give up chosing a particular OU to bind to samba. The reason I wanted this is that the network here is a small part of a big network, and everything is imported. (I tried to modify the basedn, in configuration files, but I couldn't get it to work afterwards.)

 

[kingtj]

Interesting.... I'm wondering if this explains my problem too? I was simply trying to get FreeNAS to enable Active Directory support and it keeps reporting the service failed and the switch goes back from ON to OFF. When I viewed the debug logs, I was still lost as to the source of the problem. It looked like the commands were running successfully despite it resulting in failure.

We use Windows 2008 Server as our AD master (still running in the Windows 2003 compatibility mode since we have a few 2003 servers left on the network).

I added a DNS entry for freenas as the documentation I found said to do, but didn't try to do anything special to declare freenas an AD server?
Could you explain exactly how you did that? (I'm not much of an AD guru... Just enough enough to manage an existing one day to day, really.)

In my case, I had to declare my Freenas server in the active directory controler (most of the tutorials I read only tell you to create a DNS entry, and I couldn't get it to work that way)
I did so, but for some reasons it vanished after my first installation.
I created it back on my AD controler in the servers OU, made a fresh new install and everything went well just like the first time.

I decided to give up chosing a particular OU to bind to samba. The reason I wanted this is that the network here is a small part of a big network, and everything is imported. (I tried to modify the basedn, in configuration files, but I couldn't get it to work afterwards.)

 

[Gdetch]

I created a Computer entry in our servers OU, and in the name field I entered the freenas hostname. (which should be the same than Hostname field in General Settings and NetBIOS Name in the AD settings, both on freenas).
Also, in the Advance Settings of AD, on freenas, I typed the hostname of my domain controller in the field "Domain Controller"

But we just found out that freenas often deletes its own AD entry when you turn its AD service on & off.
I also found another thread here talking about this issue, looks like there is no solution.. or maybe there wasn't any with 8-3-0 version of freenas, I don't know.
http://forums.freenas.org/threads/f...-account-when-ad-service-stops-restarts.9804/