Unable to start AD Service

CavemanSean · Aug 31, 2013

I configure everything as per http://doc.freenas.org/index.php/Directory_Services]This Page[/url]
I can ping "freenas" & "freenas.cavemansolutions.ca" from the DC
I can ping "cavemansolutions.ca" and it resolves the proper IP address on the freenas box

Both NAS and DC have the correct time (both are using the exact same server)
I've googled my head off trying to figure this one out :(, if anyone has an idea it'd be greatly appreciated.

Here is what I pulled from /var/log/messages

Code:

Aug 31 16:23:16 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Aug 31 16:23:18 freenas notifier: Stopping dbus.
Aug 31 16:23:18 freenas avahi-daemon[12372]: Disconnected from D-Bus, exiting.
Aug 31 16:23:18 freenas notifier: Waiting for PIDS: 12343.
Aug 31 16:23:18 freenas notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Aug 31 16:23:18 freenas notifier: Starting dbus.
Aug 31 16:23:18 freenas notifier: Stopping avahi-daemon.
Aug 31 16:23:18 freenas notifier: Failed to kill daemon: No such file or directory
Aug 31 16:23:18 freenas notifier: Stopping avahi-daemon.
Aug 31 16:23:18 freenas notifier: Failed to kill daemon: No such file or directory
Aug 31 16:23:18 freenas notifier: Starting avahi-daemon.
Aug 31 16:23:18 freenas avahi-daemon[16462]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Aug 31 16:23:18 freenas notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Aug 31 16:23:18 freenas notifier: smbd not running? (check /var/run/samba/smbd.pid).
Aug 31 16:23:18 freenas notifier: nmbd not running? (check /var/run/samba/nmbd.pid).
Aug 31 16:23:19 freenas ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
Aug 31 16:23:19 freenas ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Aug 31 16:23:19 freenas ActiveDirectory: /usr/sbin/service ix-pam quietstart
Aug 31 16:23:20 freenas ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Aug 31 16:23:30 freenas ActiveDirectory: /usr/sbin/service ix-kinit status

It's probably staring me right in the face in the above error message, but alas sadly I'm a Windows guy, although I'm working on learning the ways of Linux after I found out about FreeNAS from a co-worker!

nerdbomber · Sep 2, 2013

I have been having the same issue for the past two days running FreeNAS 9.1.1 and Server 2008 R2 as AD Domain Controller and DNS. I am a FreeNAS NOOB, so please do not be too harsh!

I have setup NTP, and the times between the FreeNAS and Server are synced perfectly. I have created a DNS entry for HADNAS with IPv4 = 192.168.1.99, and I have also, per troubleshooting tips, added the FreeNAS hostname as a computer in AD. I can ping my domain controller's DNS name from the FreeNAS shell, and I can ping my FreeNAS' DNS name from the domain controller.

I have configured FreeNAS as follows:

Network Settings -> Global Configuration:

Hostname = HADNAS
Domain = hadshare.com
IPv4 Default Gateway = 192.168.1.1 (router)
Nameserver 1 = 192.168.1.155

Network Settings -> Interfaces = em0, DHCP=false, IPv4 Address=192.168.1.99, Netmask=255.255.255.0
Settings -> General -> Directory Service = Active Directory

Directory Services -> Active Directory:

Domain Name = hadshare.com
NetBIOS Name = HADNAS
Workgroup Name = HADSHARE
Administrator Name = Administrator
Use Default Domain = Checked
Domain Controller = HADSRV1 (have also tried using the IP of DC)

CIFS:

NetBIOS Name = HADNAS
Workgroup = HADSHARE
Local Master = Unchecked (recommended by other users having issues)
Zeroconf share discover = Unchecked (recommended by other users having issues)

* Recommended changes have been tested with the changes in both configurations.

This is the log I get when trying to enable Directory Services:

Sep 2 13:05:16 HADNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Sep 2 13:05:17 HADNAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Sep 2 13:05:17 HADNAS notifier: Will not 'restart' dbus because dbus_enable is NO.
Sep 2 13:05:17 HADNAS notifier: Stopping avahi-daemon.
Sep 2 13:05:17 HADNAS notifier: Failed to kill daemon: No such file or directory
Sep 2 13:05:17 HADNAS notifier: Will not 'restart' avahi_daemon because avahi_daemon_enable is NO.
Sep 2 13:05:18 HADNAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Sep 2 13:05:18 HADNAS notifier: Stopping smbd.
Sep 2 13:05:19 HADNAS notifier: Waiting for PIDS: 8863, 8863.
Sep 2 13:05:19 HADNAS notifier: Stopping nmbd.
Sep 2 13:05:20 HADNAS notifier: Waiting for PIDS: 8859, 8859.
Sep 2 13:05:20 HADNAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
Sep 2 13:05:20 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:05:20 HADNAS ActiveDirectory: generate_krb5_conf: krbhost=hadsrv1.hadshare.com, kpwdhost=hadsrv1.hadshare.com, domainname=hadshare.com
Sep 2 13:05:20 HADNAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Sep 2 13:05:20 HADNAS ActiveDirectory: /usr/sbin/service ix-pam quietstart
Sep 2 13:05:20 HADNAS ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Sep 2 13:05:20 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:05:20 HADNAS ActiveDirectory: kerberos_start: kinit --password-file=/tmp/tmp.1hmEtJhD Administrator@HADSHARE.COM
Sep 2 13:05:20 HADNAS ActiveDirectory: kerberos_start: Failed
Sep 2 13:05:30 HADNAS ActiveDirectory: /usr/sbin/service ix-kinit status
Sep 2 13:05:30 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:05:30 HADNAS ActiveDirectory: kerberos_status: klist -l | grep -q ^Administrator@HADSHARE.COM
Sep 2 13:05:30 HADNAS ActiveDirectory: kerberos_status: Failed

This is the log I get when I run Shell -> kinit Administrator and enter password, then try to start Directory Services:

Sep 2 13:08:02 HADNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Sep 2 13:08:03 HADNAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Sep 2 13:08:03 HADNAS notifier: Will not 'restart' dbus because dbus_enable is NO.
Sep 2 13:08:03 HADNAS notifier: Stopping avahi-daemon.
Sep 2 13:08:03 HADNAS notifier: Failed to kill daemon: No such file or directory
Sep 2 13:08:03 HADNAS notifier: Will not 'restart' avahi_daemon because avahi_daemon_enable is NO.
Sep 2 13:08:03 HADNAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Sep 2 13:08:03 HADNAS notifier: smbd not running? (check /var/run/samba/smbd.pid).
Sep 2 13:08:03 HADNAS notifier: nmbd not running? (check /var/run/samba/nmbd.pid).
Sep 2 13:08:04 HADNAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
Sep 2 13:08:04 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:04 HADNAS ActiveDirectory: generate_krb5_conf: krbhost=hadsrv1.hadshare.com, kpwdhost=hadsrv1.hadshare.com, domainname=hadshare.com
Sep 2 13:08:05 HADNAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Sep 2 13:08:05 HADNAS ActiveDirectory: /usr/sbin/service ix-pam quietstart
Sep 2 13:08:05 HADNAS ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Sep 2 13:08:05 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:05 HADNAS ActiveDirectory: kerberos_start: kinit --password-file=/tmp/tmp.lJ3T2DbG Administrator@HADSHARE.COM
Sep 2 13:08:05 HADNAS ActiveDirectory: kerberos_start: Failed
Sep 2 13:08:15 HADNAS ActiveDirectory: /usr/sbin/service ix-kinit status
Sep 2 13:08:15 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:15 HADNAS ActiveDirectory: kerberos_status: klist -l | grep -q ^Administrator@HADSHARE.COM
Sep 2 13:08:15 HADNAS ActiveDirectory: kerberos_status: Successful
Sep 2 13:08:15 HADNAS ActiveDirectory: /usr/sbin/service ix-samba quietstart
Sep 2 13:08:15 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:15 HADNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
Sep 2 13:08:17 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:17 HADNAS notifier: Removing stale Samba tdb files: ...... done
Sep 2 13:08:17 HADNAS notifier: Starting nmbd.
Sep 2 13:08:17 HADNAS notifier: Starting smbd.
Sep 2 13:08:17 HADNAS notifier: Starting winbindd.
Sep 2 13:08:17 HADNAS winbindd[11689]: [2013/09/02 13:08:17.680978, 0] winbindd/winbindd_util.c:635(init_domain_list)
Sep 2 13:08:17 HADNAS winbindd[11689]: Could not fetch our SID - did we join?
Sep 2 13:08:17 HADNAS winbindd[11689]: [2013/09/02 13:08:17.681148, 0] winbindd/winbindd.c:1108(winbindd_register_handlers)
Sep 2 13:08:17 HADNAS winbindd[11689]: unable to initialize domain list
Sep 2 13:08:17 HADNAS ActiveDirectory: /usr/sbin/service ix-activedirectory quietstart
Sep 2 13:08:17 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:17 HADNAS ActiveDirectory: activedirectory_start: trying to join domain
Sep 2 13:08:17 HADNAS ActiveDirectory: AD_join_domain: net ads join -U Administrator
Sep 2 13:08:18 HADNAS ActiveDirectory: AD_join_domain: Failed
Sep 2 13:08:18 HADNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Sep 2 13:08:20 HADNAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Sep 2 13:08:20 HADNAS notifier: Will not 'restart' dbus because dbus_enable is NO.
Sep 2 13:08:20 HADNAS notifier: Stopping avahi-daemon.
Sep 2 13:08:20 HADNAS notifier: Failed to kill daemon: No such file or directory
Sep 2 13:08:20 HADNAS notifier: Will not 'restart' avahi_daemon because avahi_daemon_enable is NO.
Sep 2 13:08:20 HADNAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Sep 2 13:08:20 HADNAS notifier: Stopping smbd.
Sep 2 13:08:20 HADNAS notifier: Waiting for PIDS: 11685.
Sep 2 13:08:20 HADNAS notifier: Stopping nmbd.
Sep 2 13:08:20 HADNAS notifier: Waiting for PIDS: 11681.
Sep 2 13:08:20 HADNAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstop
Sep 2 13:08:20 HADNAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstop
Sep 2 13:08:20 HADNAS ActiveDirectory: /usr/sbin/service ix-pam quietstop
Sep 2 13:08:20 HADNAS ActiveDirectory: /usr/sbin/service ix-kinit forcestop
Sep 2 13:08:20 HADNAS ActiveDirectory: /usr/sbin/service ix-activedirectory forcestop
Sep 2 13:08:20 HADNAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Sep 2 13:08:21 HADNAS ActiveDirectory: activedirectory_stop: leaving domain
Sep 2 13:08:21 HADNAS ActiveDirectory: AD_leave_domain: net ads leave -U Administrator
Sep 2 13:08:22 HADNAS ActiveDirectory: AD_leave_domain: Failed
Sep 2 13:08:22 HADNAS ActiveDirectory: /usr/sbin/service ix-cache quietstop &
Sep 2 13:08:23 HADNAS ActiveDirectory: /usr/sbin/service samba forcestop
Sep 2 13:08:23 HADNAS ActiveDirectory: /usr/sbin/service ix-samba start
Sep 2 13:08:23 HADNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
Sep 2 13:08:25 HADNAS notifier: Removing stale Samba tdb files: ...... done
Sep 2 13:08:25 HADNAS notifier: Starting nmbd.
Sep 2 13:08:25 HADNAS notifier: Starting smbd.

I have been racking my brain, and at this point, I have no clue what is misconfigured. The firewall has been disabled on the router and Win Server 2008 R2. I am not a Unix/Linux person, so I am learning that piece on the fly. Any help will be much appreciated. Thank you in advance.

-Will

MYurick · Sep 6, 2013

Connecting to Active Directory seems to be a common issue. I am having the same issue - I have scoured this forum and the internet in search of a solution. Double checking everything; time sync, simple admin password, extending time outs, using IP Address in the domain controller field. Just about everything I can think of. The settings always apply without issue, however when I try to switch on the service I always get the same error message, "The service could not be started."

Clearly I am doing something wrong. Somewhere along the line I have missed a step, entered something wrong or misunderstood what was required in the field.

Does anyone have any experience resolving this? Anyone been able to resolve this? Any insight you could provide would be greatly appreciated.

demetri · Sep 6, 2013

I too am having this issue, except running Windows Server 2012 Standard

ScottI · Sep 6, 2013

Gang,
Was having the same problem - a real head scratcher. I recall seeing a post stating that only one directory service could be enabled at a time, so on a whim I disabled Directory Services (System/Settings/General/Directory Service) by selecting the all dashes option in the combo box and saving. I then selected the active directory option, saved, and went back to the services pane and turned on Directory Services. What do you know - it connected first time and has survived several reboots. wbinfo returns all of the users and groups and access permissions seem to be working properly. YMMV, but it worked for me....

Scott

MYurick · Sep 7, 2013

Hi Scott,

Thank you for your suggestion, however it did not work for me. I even tried to disabling Directory Services (System/Settings/General/Directory Service) by selecting the all dashes option in the combo box, saving and rebooting FreeNAS. Then selecting the Active Directory option, saving and trying to turn on Directory Services again. I still get the same error message, "The service could not be started".

As I said before, I am certain I am missing something. Obviously there are users such as yourself that are getting it to work. Maybe it is a network issue and no matter what I try it won't work. But I think that is unlikely as I just setup and Exchange 2010 Server and it connected to Active Directory without issue.

Any other suggestions from the FreeNAS Community would be greatly appreciated!

MYurick · Sep 7, 2013

Just an interesting note, after clicking on the wrench and entering my Directory Service Settings and then clicking 'OK' I do get the message, "Active Directory successfully updated". But then again, I get that message even if I enter an incorrect password.

MYurick · Sep 7, 2013

I've stumbled upon a suggestion that I'm trying to implement. The suggestion is as follows:
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
I went into smb.conf and poked around a little and adding the two lines below to the config and then trying the manual CLI bind again seemed to work
preferred master = no
realm = AD.EXAMPLE.COM
-----------------------------------------------------------------------------------------------------------

The full article can be found at https://bugs.freenas.org/issues/2544

I can open the smb.conf file by using putty.exe connecting via SSH. I run the command "vi /usr/local/etc/smb.conf" which opens the file however it is read-only.
Can anyone please point me in the right direction as to how I can go about opening this file with the ability to save my changes?

survive · Sep 7, 2013

Hi MYurick,

Use the "Auxiliary parameters" section of the CIFS config to edit the smb.conf file.

-Will

MYurick · Sep 8, 2013

Thanks Will. I've done that, but when I check the smb.conf with the SSH command of "vi /usr/local/etc/smb.conf", I don't see that lines I entered in the "Auxiliary Parameters" box. Should I not see those lines in the smb.conf file, or is that not the way it works?

Either way, adding those lines have not made a difference to my problem as I am still getting the same error message.

survive · Sep 8, 2013

Hi MYurick,

I just checked the smb.conf file on my filer and I see all the entries I made in the "Auxiliary parameters" box listed, so I would expect your system to do the same.

I can offer you no explanation why they don't.....hold on maybe it's formatting? Run "tail -f /var/log/messages" in an ssh session & start the service and see if it's spitting out any errors. Here are the options I have entered:

Code:

 
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072 
min receivefile size = 131072
write cache size = 131072
interfaces = 10.56.56.2/24
bind interfaces only = yes

You need to have a space between either end of the "=" sign for each option.....maybe you don't?

-Will

MYurick · Sep 9, 2013

Hi Will,

Thanks for your help, here is what I got when I ran the command you suggested.

~# tail -f /var/log/messages
Sep 9 09:35:38 FreeNAS smbd[23798]: #2 0x16b32dc <main+2828> at /usr/local/s bin/smbd
Sep 9 09:35:38 FreeNAS smbd[23798]: #3 0x10b75cb <_start+203> at /usr/local/ sbin/smbd
Sep 9 09:35:38 FreeNAS smbd[23798]: #4 0x10b7518 <_start+24> at /usr/local/s bin/smbd
Sep 9 09:35:38 FreeNAS smbd[23798]: [2013/09/09 09:35:38.557901, 0] lib/fault. c:416(dump_core)
Sep 9 09:35:38 FreeNAS smbd[23798]: dumping core in /var/log/samba/cores/smbd
Sep 9 09:35:38 FreeNAS smbd[23798]:
Sep 9 09:35:38 FreeNAS kernel: pid 23798 (smbd), uid 0: exited on signal 6
Sep 9 09:37:03 FreeNAS avahi-daemon[23042]: Invalid response packet from host 192.168.0.56.

Interesting response for that last line, as that host has nothing to do with the setup of FreeNAS or any computer that I've used to connect or test. I am going to check with my co-worker to see exactly what they have running on that machine.

MYurick · Sep 9, 2013

Ok, it appears that 192.168.0.56 is a computer on the network, but not on the domain, that has the Active Directory Connector installed.

thinktank · Sep 19, 2013

Someone has figured out a solution for this issue? If not, someone can explain me what does it mean?

Aug 31 16:23:16 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs

It looks like AD stop the cifs service, and then

Aug 31 16:23:18 freenas notifier: smbd not running? (check /var/run/samba/smbd.pid).
Aug 31 16:23:18 freenas notifier: nmbd not running? (check /var/run/samba/nmbd.pid).

Jim Conacher · Oct 5, 2013

Hi guys,

I'd been experiencing the same issues as yourselves with failing to get Active Directory working with a Windows Server 2012 box.

In the end i disabled Network Access Protection on the computer account within Active directory and that seems to have solved my issues.

Thought would post to see if this would help anyone else out

Cheers

J

reedjasonf · Oct 16, 2013

I'm also having this problem. Can ping the Domain Controller from the shell on the FreeNAS box and can ping the freenas box's domain name from the Active Directory DC.

But when I try to start the Active Directory Service it fails to start.

captaintofuburger · Nov 4, 2013

Been having the same issue as well. This is how I resolved it:

CIFS:
Disable local master

Add to aux:
realm = YOURDOMAINALLCAPS.COM
preferred master = no
security = ads

Directory Services:
Use caps for all domains

In both: make sure your netbios name is less than 15 char! I'm assuming that's why my install wasn't working. I never saw any errors about it being too long, but noticed I had it set to 16 chars. Once I renamed it, AD fired right up.

Diogenes Platterwort · Nov 10, 2013

Another possible reason for the service not to start is an unusual password on the AD account being used, such as including spaces, special symbols, or unusually long passwords.

Ayush · Nov 12, 2013

I am having problem starting the active directory services as well. This is what I get (snapshot below) when I try to start the active directory services.

vincetronic · Jan 15, 2014

Domain in all caps worked for me. Also used it in workgroup with no ill effect.

Important Announcement for the TrueNAS Community.

Unable to start AD Service

Cadet

Cadet

Cadet

Cadet

Cadet

Cadet

Cadet

Cadet

Behold the Wumpus

Cadet

Behold the Wumpus

Cadet

Cadet

Cadet

Cadet

Dabbler

Cadet

Dabbler

Cadet

Attachments

Cadet

Similar threads