I'm running TN Core 13.0.
I'm trying to get the AD users account to show up in the NSS information. My AD has the uidNumber/gidNumbers, and PrimaryGID(SP?) attributes properly filled. I join the TN server with the Active Directory integration without any errors. I make sure I'm using the idmap backend 'AD' type and the RFC2307 schema mode. When I go run the `getent passwd` on the shell as root, I only get the local user's listed. If it try `wbinfo -t`, `wbinfo -u` 'wbinfo -g`, then all return AD users properly.
Not sure why I'n not getting the user's in NSS.
I'm trying to get the AD users account to show up in the NSS information. My AD has the uidNumber/gidNumbers, and PrimaryGID(SP?) attributes properly filled. I join the TN server with the Active Directory integration without any errors. I make sure I'm using the idmap backend 'AD' type and the RFC2307 schema mode. When I go run the `getent passwd` on the shell as root, I only get the local user's listed. If it try `wbinfo -t`, `wbinfo -u` 'wbinfo -g`, then all return AD users properly.
Not sure why I'n not getting the user's in NSS.
Code:
root@FREENAS1:~ # midclt call activedirectory.config|jq { "id": 1, "domainname": "EXAMPLE.INT", "bindname": "user-admin", "bindpw": "", "verbose_logging": true, "allow_trusted_doms": true, "use_default_domain": false, "allow_dns_updates": true, "disable_freenas_cache": true, "restrict_pam": false, "site": "Default-First-Site-Name", "timeout": 60, "dns_timeout": 10, "nss_info": "RFC2307", "enable": true, "kerberos_principal": "FREENAS1$@EXAMPLE.INT", "createcomputer": "", "kerberos_realm": 1, "netbiosname": "FREENAS1", "netbiosalias": [] }
Code:
root@FREENAS1:~ # testparm Load smb config files from /usr/local/etc/smb4.conf Loaded services file OK. Weak crypto is allowed Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] aio max threads = 2 bind interfaces only = Yes client ldap sasl wrapping = seal disable spoolss = Yes dns proxy = No domain master = No enable web service discovery = Yes interfaces = 127.0.0.1 10.1.1.226 kerberos method = secrets and keytab kernel change notify = No load printers = No local master = No logging = file max log size = 5120 nsupdate command = /usr/local/bin/samba-nsupdate -g preferred master = No realm = EXAMPLE.INT registry shares = Yes restrict anonymous = 2 security = ADS server multi channel support = No server role = member server server string = FreeNAS Server template shell = /bin/sh unix extensions = No winbind cache time = 7200 winbind max domain connections = 10 winbind nss info = rfc2307 winbind use default domain = Yes workgroup = EXAMPLE idmap config *: range = 90000001-100000000 idmap config stc: unix_primary_group = Yes idmap config stc: schema_mode = rfc2307 idmap config stc: range = 10000-90000000 idmap config stc: backend = ad fruit:nfs_aces = No rpc_server:mdssvc = disabled rpc_daemon:mdssd = disabled idmap config * : backend = tdb directory name cache size = 0 dos filemode = Yes [SMB-Backups] comment = Shared SMB Backups ea support = No kernel share modes = No path = /mnt/VM_Vol1/SMB-Backups posix locking = No read only = No smbd max xattr size = 2097152 vfs objects = fruit streams_xattr shadow_copy_zfs ixnas zfs_core aio_fbsd fruit:resource = stream fruit:metadata = stream nfs4:chown = true ixnas:dosattrib_xattr = false
Last edited: