Problems binding to Samba AD

Status
Not open for further replies.

Henning Kessler

Contributor
Joined
Feb 10, 2015
Messages
143
Hi there,

I have set up an AD domain with samba and after successfully binding two Macs to it I tried to bind a FreeNAS server (11.1-U6) to it as well. Unfortunately it fails to bind every time I try.

The first reason was that samba rejected a simple bind so I imported the samba CA, the key and the cert into FreeNAS and selected TLS as encryption and the imported certificate in the setup. That solved the issue with that error but binding still failed.

Here is the output of the commands from the FreeNAS guide Chapter 9.1.2. Maybe someone can give me a hint...
Code:
root@FreeNAS[13:39][~]: sqlite3 /data/freenas-v1.db "update directoryservice_activedirectory set ad_enable=1;"
root@FreeNAS[13:54][~]: echo $?
0
root@FreeNAS[13:54][~]: service ix-kerberos start
root@FreeNAS[13:54][~]: service ix-nsswitch start
root@FreeNAS[13:54][~]: service ix-kinit start
root@FreeNAS[13:55][~]: service ix-kinit status
root@FreeNAS[13:55][~]: echo $?
0
root@FreeNAS[13:55][~]: klist
Credentials cache: FILE:/tmp/krb5cc_0
		Principal: administrator@INT.SOMEWHERE.DE

  Issued				Expires			   Principal
Oct  5 13:55:07 2018  Oct  5 23:55:07 2018  krbtgt/INT.SOMEWHERE.DE@INT.SOMEWHERE.DE
root@FreeNAS[13:55][~]: python /usr/local/www/freenasUI/middleware/notifier.py start cifs
True
root@FreeNAS[13:55][~]: service ix-activedirectory start
Join to domain is not valid: NT code 0xfffffff6
Failed to join domain: failed to connect to AD: Cannot read password
False
winbindd not running? (check /var/run/samba4/winbindd.pid).
smbd not running? (check /var/run/samba4/smbd.pid).
nmbd not running? (check /var/run/samba4/nmbd.pid).
True
root@FreeNAS[13:56][~]: service ix-activedirectory status
root@FreeNAS[13:56][~]: echo $?
1
root@FreeNAS[13:57][~]: python /usr/local/www/freenasUI/middleware/notifier.py restart cifs
True
root@FreeNAS[13:57][~]: service ix-pam start
root@FreeNAS[13:58][~]: service ix-cache start &
[1] 37195
 

Henning Kessler

After having searched the whole day I finally found the solution in this "bug report". I just had to set SASL to seal in the configuration to get this to work. LOL.

I guess a more experienced user would surely have found this solution faster, but I agree with the author of the bug report that the FreeNAS guide could use some improvement when it comes to the usage of certs, CAs and encryption in this case...

Henning
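
An added example, not part of the original posts or of FreeNAS itself: a shell check that reads an smb.conf-style file and reports the `client ldap sasl wrapping` level, the Samba client parameter that takes `plain`, `sign` or `seal`. It assumes the FreeNAS SASL setting mentioned above is written to that parameter in the generated Samba config; the file path is supplied by the caller and the sample configs are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): report the SASL wrapping level a Samba
# client config requests for LDAP. Limitations: "include" files and
# backslash line continuations are not followed.

# Print the last [global] "client ldap sasl wrapping" value, or "unset".
# smb.conf parameter names ignore case and whitespace, so normalise both.
sasl_wrapping() {
    awk '
        /^[ \t]*[#;]/ { next }                      # comment line
        /^[ \t]*\[/ {                               # section header
            s = tolower($0); gsub(/[ \t]/, "", s)
            in_global = (s == "[global]"); next
        }
        in_global && index($0, "=") > 0 {
            eq  = index($0, "=")
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            if (key == "clientldapsaslwrapping") {
                val = tolower(substr($0, eq + 1)); gsub(/[ \t]/, "", val)
                found = val
            }
        }
        END { print (found == "" ? "unset" : found) }
    ' "$1"
}

# Succeed only for "seal" (signed and encrypted); anything else needs review.
check_wrapping() {
    level=$(sasl_wrapping "$1")
    if [ "$level" = "seal" ]; then
        echo "ok: $1 requests seal"
    else
        echo "review: $1 has client ldap sasl wrapping = $level"
        return 1
    fi
}

# Constructed sample configs (hypothetical, not taken from the post).
tmp=$(mktemp -d)
printf '%s\n' '[global]' '    realm = INT.SOMEWHERE.DE' \
    '    client ldap sasl wrapping = plain' > "$tmp/before.conf"
printf '%s\n' '[global]' '    realm = INT.SOMEWHERE.DE' \
    '    Client LDAP SASL Wrapping = Seal' '[share]' \
    '    client ldap sasl wrapping = plain' > "$tmp/after.conf"
check_wrapping "$tmp/before.conf" || true
check_wrapping "$tmp/after.conf"
```

Run it against the Samba config the appliance generates after changing the setting to confirm the value actually landed in the file.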
 