Freenas9.3 with Active Directory

Status
Not open for further replies.

jianmoto

Dabbler
Joined
Jan 25, 2015
Messages
28
Today I wanted to join FreeNAS 9.3 to my Active Directory. Unfortunately, I got an error. Here is what I did:
1. Install Windows Server 2008 R2 and start the NTP service.
2. Add the Active Directory service on the Windows server; it will add the DNS service, too.
3. Install FreeNAS 9.3 and configure the IP.
4. Log in to the web interface and set the DNS and NTP of FreeNAS to the Windows Server 2008 R2.
5. Add a volume.
6. Add a CIFS share with the default configuration.
7. Configure the CIFS service in Service -> CIFS; uncheck Local Master and Time Server for Domain.
8. Configure Active Directory in Directory -> Active Directory.
Domain Name: mytest.com
Domain Account Name: administrator
Domain Account Password: mypassword
Enable: check
And then click the Save button.
It returned an error {'desc': "Can't contact LDAP server"} the first time. And then when I clicked the Save button the second time, it didn't post any error in the web UI. But there is no AD user in the view users table. And the FreeNAS console shows some errors:
Counld not fetch our SID - did we join?
unable to initialize domain list
freenas nmbd: STATUS=daemon 'nmdb' finished starting up and ready to serve connectionsGot SIGTERM: going down...


And then I logged in to the FreeNAS shell and ran wbinfo -u, wbinfo -g and wbinfo -t. They show the AD users and groups and no error. And then I ran net ads info -S mytest.com -U administrator; it shows no error. But when I run net ads join -S mytest.com -U administrator, I get some errors:
kinit succeeded but ads_sasl_spnego_krb5_bind failed: Server not found in kerberos database

Failed to join domain: failed to connect to AD: Server not found in kerberos database.

And there is a computer in the AD named freenas.

Is there anything I did wrong?
Can anyone solve my problem?
Thanks
 

dlavigne

Guest
Are there valid A and PTR records for the FreeNAS system in the DNS of the Windows server?
 

jianmoto

Dabbler
Joined
Jan 25, 2015
Messages
28
I added the record freenas.mytest.com pointing to the FreeNAS IP. But it doesn't work. Is there anything more I should add?
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,874
Yes. DNS was the culprit. FreeNAS IP and host/domain name need to be in the AD DNS server, and FreeNAS must use that DNS server.
 

jianmoto

Dabbler
Joined
Jan 25, 2015
Messages
28
> Yes. DNS was the culprit. FreeNAS IP and host/domain name need to be in the AD DNS server, and FreeNAS must use that DNS server.

Can you tell me your settings in the DNS server? My FreeNAS already uses the AD DNS server.
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,874
It's just an A record with my FreeNAS server name (which matches the actual name of my FreeNAS server). :smile:

 

jianmoto

Dabbler
Joined
Jan 25, 2015
Messages
28
Thank you for your reply.
I did the same thing in another environment, and it works fine. And when I tested the old environment, I found my router was in trouble.
And the other thing is I forgot to reboot after adding the FreeNAS to AD, so it didn't work.
But there is a problem with FreeNAS: the AD users don't show in Account > View Users and Groups.
This may be a bug in FreeNAS.
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,874
I think that is by design, or at least it is well known. If you go to set permissions however, you should see the users and groups there.
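
The A and PTR record check raised earlier in the thread, as an added example that is not part of any post: it verifies that a host's forward and reverse DNS records agree before a domain join is attempted. The IP addresses and the name dc1.mytest.com are constructed, and check_host and fake_resolver are hypothetical helper names.

```python
import socket

def check_host(fqdn, expected_ip, forward=None, reverse=None):
    """Return a list of A/PTR problems for one host; an empty list means consistent."""
    # Defaults use the system resolver, so run this on a machine that uses the AD DNS server.
    forward = forward or (lambda name: socket.gethostbyname_ex(name)[2])
    reverse = reverse or (lambda ip: socket.gethostbyaddr(ip)[0])
    want = fqdn.rstrip(".").lower()
    problems = []
    try:
        addrs = forward(want)
    except socket.error as exc:
        addrs = []
        problems.append("no A record for {}: {}".format(want, exc))
    if addrs and expected_ip not in addrs:
        problems.append("A record for {} is {}, expected {}".format(want, addrs, expected_ip))
    try:
        ptr = reverse(expected_ip).rstrip(".").lower()
    except socket.error as exc:
        problems.append("no PTR record for {}: {}".format(expected_ip, exc))
    else:
        if ptr != want:
            problems.append("PTR for {} is {}, expected {}".format(expected_ip, ptr, want))
    return problems

def fake_resolver(table):
    """Build a lookup function over a dict that fails the way the socket calls do."""
    def lookup(key):
        if key not in table:
            raise socket.gaierror("not found")
        return table[key]
    return lookup

# Constructed zone data: both A records exist, but the reverse zone lacks the NAS entry.
A_RECORDS = {"freenas.mytest.com": ["192.168.1.50"], "dc1.mytest.com": ["192.168.1.10"]}
PTR_RECORDS = {"192.168.1.10": "dc1.mytest.com."}

def demo():
    fwd, rev = fake_resolver(A_RECORDS), fake_resolver(PTR_RECORDS)
    hosts = [("freenas.mytest.com", "192.168.1.50"), ("dc1.mytest.com", "192.168.1.10")]
    return {host: check_host(host, ip, fwd, rev) for host, ip in hosts}

if __name__ == "__main__":
    for host, problems in demo().items():
        print(host, "OK" if not problems else problems)
```

Calling check_host with only a name and an IP queries whatever DNS server the local machine is configured to use.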
 