Problem joining Windows Server 2008R2 Domain

Thomymaster · Apr 30, 2014

Hi All

I want to setup AD authentication with my FreeNAS (9.2.1.3) but there is an error and i don't know what i am doing wrong here.

I read through http://doc.freenas.org/index.php/Directory_Services and i filled out the fields in the "Directory Services" section under "Services", e.g. Domain-Name, Administrator Account info...
When i now enable the "Directory Services", i get:

Code:

May  1 01:18:17 freenas ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: krbhost=,  kpwdhost=, domainname=kuk.local
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: verify_krb5_conf:
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: /realms/KUK.LOCAL/kdc:
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: hostname
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: nor
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: servname
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: provided,
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: or
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: not
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: known
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: ()
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: verify_krb5_conf:
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: /realms/KUK.LOCAL/admin_server:
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: hostname
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: nor
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: servname
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: provided,
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: or
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: not
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: known
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: ()
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: verify_krb5_conf:
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: /realms/KUK.LOCAL/kpasswd_server:
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: hostname
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: nor
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: servname
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: provided,
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: or
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: not
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: known
May  1 01:18:18 freenas ix-kerberos: generate_krb5_conf: ()
May  1 01:18:18 freenas ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
May  1 01:18:18 freenas ActiveDirectory: /usr/sbin/service ix-pam quietstart
May  1 01:18:19 freenas ActiveDirectory: /usr/sbin/service ix-kinit quietstart
May  1 01:18:30 freenas ActiveDirectory: /usr/sbin/service ix-kinit status
May  1 01:18:35 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
May  1 01:18:37 freenas notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
May  1 01:18:37 freenas notifier: smbd not running? (check /var/run/samba/smbd.pid).
May  1 01:18:37 freenas notifier: nmbd not running? (check /var/run/samba/nmbd.pid).
May  1 01:18:38 freenas ActiveDirectory: /usr/sbin/service ix-kerberos quietstop
May  1 01:18:38 freenas ActiveDirectory: /usr/sbin/service ix-nsswitch quietstop
May  1 01:18:38 freenas ActiveDirectory: /usr/sbin/service ix-pam quietstop
May  1 01:18:38 freenas ActiveDirectory: /usr/sbin/service ix-kinit forcestop
May  1 01:18:38 freenas ActiveDirectory: /usr/sbin/service ix-activedirectory forcestop
May  1 01:18:40 freenas ActiveDirectory: /usr/sbin/service ix-cache quietstop &
May  1 01:18:40 freenas ActiveDirectory: /usr/sbin/service samba_server forcestop
May  1 01:18:41 freenas ActiveDirectory: /usr/sbin/service ix-samba start
May  1 01:18:42 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: /usr/local/bin/pdbedit -d 0 -i smbpasswd:/tmp/tmpAjOM5S -e tdbsam:/var/etc/private/passdb.tdb -s /usr/local/etc/smb4.conf

- DNS is configured right, i.e. i can nslookup/ping filer.kuk.local (which is the DC)
- i also have the SRV record set -> _ldap._tcp.dc._msdcs.kuk.local and can confirm that this is working (i don't have any other problems in my domain).

What is the problem here?

bigphil · Apr 30, 2014

You might try my guide here. Also...since you're on 9.2.1.3, any particular reason you're not running 9.2.1.5?

Thomymaster · May 1, 2014

I still have no luck, the error message is always the same as above.

What i did is i added the rest of the SRV records in my DNS server:

_ldap._tcp.kuk..local SRV 0 0 389
_kerberos._tcp.kuk..local SRV 0 0 88
_ldap._tcp.dc._msdcs.kuk..local SRV 0 0 389 (this one was already added)
_kerberos._tcp.dc. msdcs.kuk..local SRV 0 0 88

Thomymaster · May 1, 2014

Hi

The issue is the same with a fresh 9.2.1.5 install.

Thomymaster · May 9, 2014

I opened a bug:
https://bugs.freenas.org/issues/4967

Important Announcement for the TrueNAS Community.

Problem joining Windows Server 2008R2 Domain

Thomymaster

Contributor

bigphil

Patron

Thomymaster

Contributor

Thomymaster

Contributor

Thomymaster

Contributor

Similar threads