FreeNAS not connecting to AD anymore

[Hawk]

Hi fellow Users ,

I installed a NAS at my Company with Freenas on it . After the first installation Freenas connected to our AD without any problems and everything worked fine.
Now for some reason it can't connect to AD anymore . I wanted to get an idea , of what is wrong and wanted to look into the logfiles but I get a permission denied with the root account .
So my Questions are :

What can I do to fix the disconnection with AD ?
How do I get permission to read the logfiles , or is there a different way ?

Thanks in Advance ,

Hawk

 

[dlavigne]

What command are you using to read the files? Something like more /var/log/messages should work.

 

[Hawk]

What command are you using to read the files? Something like more /var/log/messages should work.

Im exactly using that command you quoted : /var/log/messages , then it tells me permission denied .

 

[dlavigne]

Are you putting the more in front of it? It won't work otherwise.

 

[XStylus]

Hi fellow Users ,

I installed a NAS at my Company with Freenas on it . After the first installation Freenas connected to our AD without any problems and everything worked fine.
Now for some reason it can't connect to AD any more.

I presume you've checked the basics, but perhaps check them again just for good measure. Make sure the DNS settings of the FreeNAS point to the domain controller. Next, make sure the clocks for the FreeNAS and the domain controller are syncronizing from the same NTP server (or ideally, have the FreeNAS point to the domain controller as its NTP server).

Also, in the FreeNAS UI under Directory Services --> Active Directory, I would set "Connectivity Check" to 30, "Recovery Attempts" to 0, and then enable "Enable AD Monitoring". And then, of course, click "Enable". That way it will continually try to re-connect to Active Directory.

 

[anodos]

I presume you've checked the basics, but perhaps check them again just for good measure. Make sure the DNS settings of the FreeNAS point to the domain controller. Next, make sure the clocks for the FreeNAS and the domain controller are syncronizing from the same NTP server (or ideally, have the FreeNAS point to the domain controller as its NTP server).

Also, in the FreeNAS UI under Directory Services --> Active Directory, I would set "Connectivity Check" to 30, "Recovery Attempts" to 0, and then enable "Enable AD Monitoring". And then, of course, click "Enable". That way it will continually try to re-connect to Active Directory.

Actually, it's a better idea to not enable monitoring unless you have a specific reason to have it enabled.

 

[anodos]

Post output of testparm -s

 

[Hawk]

Are you putting the more in front of it? It won't work otherwise.

Thanks that works now .

 

[Hawk]

I presume you've checked the basics, but perhaps check them again just for good measure. Make sure the DNS settings of the FreeNAS point to the domain controller. Next, make sure the clocks for the FreeNAS and the domain controller are syncronizing from the same NTP server (or ideally, have the FreeNAS point to the domain controller as its NTP server).

Also, in the FreeNAS UI under Directory Services --> Active Directory, I would set "Connectivity Check" to 30, "Recovery Attempts" to 0, and then enable "Enable AD Monitoring". And then, of course, click "Enable". That way it will continually try to re-connect to Active Directory.

Thanks for your Advice so far.
I checked all settings and pointed FreeNas to the domain controller as NTP , still it says that the active directory service couldn't be restarted .
I created a new account for AD join aswell to make sure that's not the problem . Any other suggestions ?
Otherwise I guess I'll reinstall it fresh again .

 

[anodos]

Thanks for your Advice so far.
I checked all settings and pointed FreeNas to the domain controller as NTP , still it says that the active directory service couldn't be restarted .
I created a new account for AD join aswell to make sure that's not the problem . Any other suggestions ?
Otherwise I guess I'll reinstall it fresh again .

Run the following series of commands in sequence (Only applies to 11.1 branch. Some of this should change in 11.2.):
1) sqlite3 /data/freenas-v1.db "UPDATE directoryservice_activedirectory SET ad_enable=1"
2) service ix-hostname start
3) service ix-kerberos start
4) service ix-kinit start
5) klist you should see a kerberos ticket for your domain.
6) service ix-pre-samba start
7) net -d 3 -k ads testjoin copy output to text file and attach here.
8) If there is a problem with you domain join, run net -k ads join
9) If that succeeds run service samba_server restart
10) Check to see if you're joined to AD wbinfo -t. This can take up to 60 seconds to complete.
11) If that returns success then service ix-nsswitch start
12) service ix-pam start

 

[Hawk]

Run the following series of commands in sequence (Only applies to 11.1 branch. Some of this should change in 11.2.):
1) sqlite3 /data/freenas-v1.db "UPDATE directoryservice_activedirectory SET ad_enable=1"
2) service ix-hostname start
3) service ix-kerberos start
4) service ix-kinit start
5) klist you should see a kerberos ticket for your domain.
6) service ix-pre-samba start
7) net -d 3 -k ads testjoin copy output to text file and attach here.
8) If there is a problem with you domain join, run net -k ads join
9) If that succeeds run service samba_server restart
10) Check to see if you're joined to AD wbinfo -t. This can take up to 60 seconds to complete.
11) If that returns success then service ix-nsswitch start
12) service ix-pam start

The txt file with step 7 is attached
Step 8 gave me the following Output :
[root@ITNAS ~]# net -k ads join
Environment LOGNAME is not defined. Trying anonymous access.
Failed to join domain: Not enough storage is available to process this command.

 

[anodos]

The txt file with step 7 is attached
Step 8 gave me the following Output :
[root@ITNAS ~]# net -k ads join
Environment LOGNAME is not defined. Trying anonymous access.
Failed to join domain: Not enough storage is available to process this command.

post output of df -hT and contents of /usr/local/etc/smb4.conf