Not Getting NSS info

hydrian

I'm running TN Core 13.0.

I'm trying to get the AD user accounts to show up in the NSS information. My AD has the uidNumber/gidNumber and PrimaryGID(SP?) attributes properly filled. I joined the TN server to the domain with the Active Directory integration without any errors. I made sure I'm using the idmap backend 'AD' type and the RFC2307 schema mode. When I run `getent passwd` in the shell as root, I only get the local users listed. If I try `wbinfo -t`, `wbinfo -u`, or `wbinfo -g`, they all return AD users properly.

Not sure why I'm not getting the users in NSS.
Code:
root@FREENAS1:~ # midclt call activedirectory.config|jq
{
  "id": 1,
  "domainname": "EXAMPLE.INT",
  "bindname": "user-admin",
  "bindpw": "",
  "verbose_logging": true,
  "allow_trusted_doms": true,
  "use_default_domain": false,
  "allow_dns_updates": true,
  "disable_freenas_cache": true,
  "restrict_pam": false,
  "site": "Default-First-Site-Name",
  "timeout": 60,
  "dns_timeout": 10,
  "nss_info": "RFC2307",
  "enable": true,
  "kerberos_principal": "FREENAS1$@EXAMPLE.INT",
  "createcomputer": "",
  "kerberos_realm": 1,
  "netbiosname": "FREENAS1",
  "netbiosalias": []
}


Code:
root@FREENAS1:~ # testparm
Load smb config files from /usr/local/etc/smb4.conf
Loaded services file OK.
Weak crypto is allowed


Server role: ROLE_DOMAIN_MEMBER


Press enter to see a dump of your service definitions


# Global parameters
[global]
    aio max threads = 2
    bind interfaces only = Yes
    client ldap sasl wrapping = seal
    disable spoolss = Yes
    dns proxy = No
    domain master = No
    enable web service discovery = Yes
    interfaces = 127.0.0.1 10.1.1.226
    kerberos method = secrets and keytab
    kernel change notify = No
    load printers = No
    local master = No
    logging = file
    max log size = 5120
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    preferred master = No
    realm = EXAMPLE.INT
    registry shares = Yes
    restrict anonymous = 2
    security = ADS
    server multi channel support = No
    server role = member server
    server string = FreeNAS Server
    template shell = /bin/sh
    unix extensions = No
    winbind cache time = 7200
    winbind max domain connections = 10
    winbind nss info = rfc2307
    winbind use default domain = Yes
    workgroup = EXAMPLE
    idmap config *: range = 90000001-100000000
    idmap config stc: unix_primary_group = Yes
    idmap config stc: schema_mode = rfc2307
    idmap config stc: range = 10000-90000000
    idmap config stc: backend = ad
    fruit:nfs_aces = No
    rpc_server:mdssvc = disabled
    rpc_daemon:mdssd = disabled
    idmap config * : backend = tdb
    directory name cache size = 0
    dos filemode = Yes




[SMB-Backups]
    comment = Shared SMB Backups
    ea support = No
    kernel share modes = No
    path = /mnt/VM_Vol1/SMB-Backups
    posix locking = No
    read only = No
    smbd max xattr size = 2097152
    vfs objects = fruit streams_xattr shadow_copy_zfs ixnas zfs_core aio_fbsd
    fruit:resource = stream
    fruit:metadata = stream
    nfs4:chown = true
    ixnas:dosattrib_xattr = false
 