We have a FreeNAS box running 9.10.2 that is connected to a Server 2012 AD Domain.
Everything was working fine until about 2 hours ago, whereas users could no longer access shares.
Information:
[2017/02/09 16:02:03.468747, 1] ../auth/gensec/spnego.c:541(gensec_spnego_parse_negTokenInit)
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
Troubleshooting Steps
Now after a period of time, wbinfo -t shows "success"
wbinfo -u shows all our users
root user can still connect no problem
All AD accounts still are unable to connect
Thoughs?
We're dead in the water.
Everything was working fine until about 2 hours ago, whereas users could no longer access shares.
Information:
- wbinfo reported trust issues
- NTP was out of sync by 2 minutes (using DC as the NTP server)
- AD users would continually get prompted for username / password, but could not browse any directories
- root user account works totally fine via Windows through CIFS share
- Web UI works fine
- SSH works fine
- Box load minimal
[2017/02/09 16:02:03.468747, 1] ../auth/gensec/spnego.c:541(gensec_spnego_parse_negTokenInit)
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
Troubleshooting Steps
- Rebooted the box
- Disabled and re-enabled AD connection
- Restarted Samba
- Restarted ntpd (fixed sync issue)
- Rebooted both domain controllers
- Cleared AD cache on FreeNAS
- Disconnected from domain and rejoined
Now after a period of time, wbinfo -t shows "success"
wbinfo -u shows all our users
root user can still connect no problem
All AD accounts still are unable to connect
Thoughs?
We're dead in the water.
Last edited: