[SOLVED] Join Active Directory - how to start anew?

Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
Hi all,

I accidentally joined two systems with the same netbios name ("truenas" - duh!) to my domain and now I have trouble leaving and properly re-joyning. One of the systems is throwing this SQLite error:
Code:
(sqlite3.IntegrityError) FOREIGN KEY constraint failed [SQL: UPDATE directoryservice_activedirectory SET id=?, ad_domainname=?, ad_bindname=?, ad_bindpw=?, ad_verbose_logging=?, ad_allow_trusted_doms=?, ad_use_default_domain=?, ad_allow_dns_updates=?, ad_disable_freenas_cache=?, ad_restrict_pam=?, ad_site=?, ad_timeout=?, ad_dns_timeout=?, ad_nss_info=?, ad_enable=?, ad_kerberos_realm_id=?, ad_kerberos_principal=?, ad_createcomputer=? WHERE directoryservice_activedirectory.id = ?] [parameters: (1, 'INTERN.PUNKT.DE', 'Administrator', '55uu6PafvDVaBwwmQAa5x/G7i9IvgEM9inbD7GUBVaFIA1/Sin+t+Q==', 0, 0, 1, 1, 0, 0, '', 60, 10, None, 1, 1, '', '', 1)] (Background on this error at: https://sqlalche.me/e/14/gkpj)


What do I need to wipe to get a fresh start? I already removed the computer account directly on the domain controller.
 
Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
Still no banana:
Code:
root@truenas-ffm[~]# net rpc join -U Administrator
Password for [INTERN\Administrator]:
Failed to join domain: failed to find DC for domain INTERN - The object was not found.

Nameservers are of course pointing to the domain controllers and do work.
 
Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
Nobody? I hate to poke you directly @anodos - when you find the time, greatly appreciated.

I was able to repair the new system that started my mess by doing a factory reset and re-joining. For the older one I would rather avoid that, since I have four interfaces, one LAGG, VLANs, jails and VMs ... recreating all of the config won't be fun. I'd rather mess with the SQLite DB first.

The system that I successfully re-joined shows some odd behaviour, though. Domain name "intern.punkt.de", NT name "INTERN". net usersidlist works as does pw user show -a.

But this gives an error:
Code:
root@truenas-ffm[~]# net rpc info
Unable to find a suitable server for domain INTERN


Is this to be expected? samba-tool is not yet part of TrueNAS CORE, right?
 
Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
I ended up doing a full factory reset of both units and recreating the configuration. Everything working, now.

Does nobody use TrueNAS with Active Directory?
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "[SOLVED] Join Active Directory - how to start anew?"

Similar threads

H
  • Locked
Problems binding to Samba AD
Replies
1
Views
4K
Henning Kessler
H
DanPrs
  • Locked
Domain Join Issue - Must be the 9000th post :/
Replies
3
Views
2K
dlavigne
D
A
Old Active Directory data still in config
Replies
2
Views
2K
andrewjones216
A
B
SOLVED - TrueNAS SCALE - Hard Drives Visible in lsblk but Not in GUI
2
Replies
22
Views
2K
bhk
B
Inabon
sqlilte error creating link aggregation
Replies
8
Views
2K
gwjunk
G
Top