Hello all.
I'm trying first time the FreeBSD-based product. All seems fine, but i come to an error i can not solve.
When i try to start an AD service on freenas, it fails with the following messages in logs:
I found, that it comes from the "Domain Controller: LDAP server signing requirements" policy. The fast way, wich comes to mind, is to set it OFF, but it's very unlikely.
So, may be there is a way, to change configs at FreeNAS, so it will negotiate with AD properly?
Thanks in advance.
I'm trying first time the FreeBSD-based product. All seems fine, but i come to an error i can not solve.
When i try to start an AD service on freenas, it fails with the following messages in logs:
Code:
Oct 3 06:17:56 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-pam quietstart Oct 3 06:17:56 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-samba quietstart Oct 3 06:17:56 nas-01-hp freenas: tdbsam_open: Converting version 0.0 database to version 4.0. Oct 3 06:17:56 nas-01-hp freenas: tdbsam_convert_backup: updated /var/etc/private/passdb.tdb file. Oct 3 06:17:56 nas-01-hp freenas: Importing account for root...ok Oct 3 06:17:57 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-kinit quietstart Oct 3 06:18:07 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-activedirectory quietstart Oct 3 06:18:08 nas-01-hp freenas: [2011/10/03 06:18:08.546736, 0] libads/sasl.c:823(ads_sasl_spnego_bind) Oct 3 06:18:08 nas-01-hp freenas: kinit succeeded but ads_sasl_spnego_krb5_bind failed: Strong(er) authentication required Oct 3 06:18:08 nas-01-hp freenas: Failed to join domain: failed to connect to AD: Strong(er) authentication required Oct 3 06:18:18 nas-01-hp freenas[1620]: Executing: /usr/sbin/service samba forcestop Oct 3 06:18:18 nas-01-hp freenas[1620]: Executing: /usr/bin/killall nmbd Oct 3 06:18:18 nas-01-hp freenas: No matching processes were found Oct 3 06:18:18 nas-01-hp freenas[1620]: Executing: /usr/bin/killall smbd Oct 3 06:18:18 nas-01-hp freenas: No matching processes were found Oct 3 06:18:18 nas-01-hp freenas[1620]: Executing: /usr/bin/killall winbindd Oct 3 06:18:18 nas-01-hp freenas: No matching processes were found Oct 3 06:18:18 nas-01-hp freenas[1620]: Executing: /usr/sbin/service samba quietstart Oct 3 06:18:19 nas-01-hp freenas: Removing stale Samba tdb files: done Oct 3 06:18:19 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-kerberos quietstart Oct 3 06:18:19 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-nsswitch quietstart Oct 3 06:18:19 nas-01-hp freenas: Generating host.conf. Oct 3 06:18:19 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-pam quietstart Oct 3 06:18:19 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-samba quietstart Oct 3 06:18:19 nas-01-hp freenas: tdbsam_open: Converting version 0.0 database to version 4.0. Oct 3 06:18:19 nas-01-hp freenas: tdbsam_convert_backup: updated /var/etc/private/passdb.tdb file. Oct 3 06:18:19 nas-01-hp freenas: Importing account for root...ok Oct 3 06:18:20 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-kinit quietstart Oct 3 06:18:20 nas-01-hp freenas[1620]: Executing: /usr/sbin/service ix-activedirectory quietrestart Oct 3 06:18:21 nas-01-hp freenas: No realm set, are we joined ? Oct 3 06:18:21 nas-01-hp freenas[1620]: Executing: /usr/sbin/service samba forcestop Oct 3 06:18:21 nas-01-hp freenas[1620]: Executing: /usr/bin/killall nmbd Oct 3 06:18:21 nas-01-hp freenas: No matching processes were found Oct 3 06:18:21 nas-01-hp freenas[1620]: Executing: /usr/bin/killall smbd Oct 3 06:18:21 nas-01-hp freenas: No matching processes were found Oct 3 06:18:21 nas-01-hp freenas[1620]: Executing: /usr/bin/killall winbindd Oct 3 06:18:21 nas-01-hp freenas: No matching processes were found Oct 3 06:18:21 nas-01-hp freenas[1620]: Executing: /usr/sbin/service samba quietstart Oct 3 06:18:21 nas-01-hp freenas: Removing stale Samba tdb files: . done
I found, that it comes from the "Domain Controller: LDAP server signing requirements" policy. The fast way, wich comes to mind, is to set it OFF, but it's very unlikely.
So, may be there is a way, to change configs at FreeNAS, so it will negotiate with AD properly?
Thanks in advance.