I have a Server which we joined into a Windows Server 2019 Domain (The Domain is Services Function Level 2016). All was working fine, but we need to change the TrueNAS Server to another Domain/Server/Forest. First i tried to delete the AD configuration from the System but it turns out (like here mentioned in the Forums) that installing fresh is the way to go.
So i installed a fresh 13.3-U3.1.iso onto the system. I made sure the Timezone is the same as my DC (UTC) and times are the same. I checked DNS, all working fine.
When joining the Domain (it is also a freshly installed Windows Server 2022 Server with AD Services Function Level 2016) i get an error:
So i checked the "Allow Trusted Domains" Box and tried again. Then a small progress Windows comes up, but eventually this error shows:
The 2022 Server AD also as a PKI installed and AD/LDAP is also available via SSL.
I unchecked "Enable" to have my settings at least stored, then went to System->CAs and imported the RootCA Certificate from the DC PKI.
Got back to Active Directory Menu and tried to enable, it makes no difference. Same error message.
So to make sure, i installed two virtual machines with TrueNAS Core 13.0-U3.1 onto my Hypervisior. I did the same basic configuration with Timezone and DNS checks.
I joined one of the Servers into the old AD without problems, but i get the same error when trying to join the other VM into the New Domain.
I'm not entirely sure why i have that problem or whats causing it. One notable difference however is that one is Windows Server 2019 and one is 2022.
Does someone have an idea how to get that working?
So i installed a fresh 13.3-U3.1.iso onto the system. I made sure the Timezone is the same as my DC (UTC) and times are the same. I checked DNS, all working fine.
When joining the Domain (it is also a freshly installed Windows Server 2022 Server with AD Services Function Level 2016) i get an error:
Code:
[EFAULT] activedirectory_update: Failed to validate domain configuration: 'NTSTATUSError' object is not subscriptable
Code:
Error: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 211, in _do_cldap cldap_ret = self.netctx.finddc( samba.NTSTATUSError: (3221226045, 'The remote system is not reachable by the transport.') During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 547, in do_update await self.middleware.run_in_thread(self.check_clockskew, new) File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1154, in run_in_thread return await self.run_in_executor(self.thread_pool_executor, method, *args, **kwargs) File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1151, in run_in_executor return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs)) File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 58, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 827, in check_clockskew pdc = ActiveDirectory_Conn(conf=ad, logger=self.logger).get_pdc() File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 240, in get_pdc cldap_ret = self._do_cldap() File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 222, in _do_cldap f"failed with error: {e[1]}.") TypeError: 'NTSTATUSError' object is not subscriptable During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 139, in call_method result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self) File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1235, in _call return await methodobj(*prepared_call.args) File "/usr/local/lib/python3.9/site-packages/middlewared/service.py", line 387, in update rv = await self.middleware._call( File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1235, in _call return await methodobj(*prepared_call.args) File "/usr/local/lib/python3.9/site-packages/middlewared/schema.py", line 975, in nf return await f(*args, **kwargs) File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 553, in do_update raise ValidationError( middlewared.service_exception.ValidationError: [EFAULT] activedirectory_update: Failed to validate domain configuration: 'NTSTATUSError' object is not subscriptable
So i checked the "Allow Trusted Domains" Box and tried again. Then a small progress Windows comes up, but eventually this error shows:
Code:
'NTSTATUSError' object is not subscriptable
Code:
Error: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 211, in _do_cldap cldap_ret = self.netctx.finddc( samba.NTSTATUSError: (3221226045, 'The remote system is not reachable by the transport.') During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/middlewared/job.py", line 355, in run await self.future File "/usr/local/lib/python3.9/site-packages/middlewared/job.py", line 391, in __run_body rv = await self.method(*([self] + args)) File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 671, in start new_site = await self.middleware.call('activedirectory.get_site') File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1278, in call return await self._call( File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1246, in _call return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args) File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1151, in run_in_executor return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs)) File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 58, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 1299, in get_site site = ActiveDirectory_Conn(conf=ad, logger=self.logger).get_site() File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 236, in get_site cldap_ret = self._do_cldap() File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/activedirectory.py", line 222, in _do_cldap f"failed with error: {e[1]}.") TypeError: 'NTSTATUSError' object is not subscriptable
The 2022 Server AD also as a PKI installed and AD/LDAP is also available via SSL.
I unchecked "Enable" to have my settings at least stored, then went to System->CAs and imported the RootCA Certificate from the DC PKI.
Got back to Active Directory Menu and tried to enable, it makes no difference. Same error message.
So to make sure, i installed two virtual machines with TrueNAS Core 13.0-U3.1 onto my Hypervisior. I did the same basic configuration with Timezone and DNS checks.
I joined one of the Servers into the old AD without problems, but i get the same error when trying to join the other VM into the New Domain.
I'm not entirely sure why i have that problem or whats causing it. One notable difference however is that one is Windows Server 2019 and one is 2022.
Does someone have an idea how to get that working?