Windows AD Groups not showing in dataset permission gui as well as under wbinfo -u/-g commands

[venkata]

Dear All,

I am using FreeNAS-9.10.2-U1 (86c7ef5).

we integrated FreeNAS with Winser 2012 R2.
When we checked connectivity via SSH, wbinfo -t - it shows succeeded.

But when we checked Wbinfo -u, it showed few users only. But in dataset user permission gui [dropdown menu], we can able to see all users.

Sameway, when we try to check AD groups info with wbinfo -g via ssh, it showing default AD groups only.
i.e while DOMAIN creation few groups will be create automatically like "domain users" "dns users".
But when we create TEST group manually with some users as a part that group, SSH is not displaying this kind of manual created groups.

Even dataset group permission gui [dropdown menu], we can able to see default AD groups only [we con't see TEST group]. even though without using drop down list, if we type group name manually [like TEST], FreeNAS is accepting that group.
i.e We are unable to see groups via SSH/GUI, but we can assign AD groups. [By manually typing, ref 3 attachment]

Here i uploaded screen shots,
1. SSH webinfo -g
2. dataset group permission gui [dropdown menu]
3. Manually typing group name

we are unable to understand weather we did wrong configuration [because AD authentication working fine] OR is there any development activity is pending.

Kindly give us clarification. So that if configurations problem we can alter it.

Thank you so much for advance.

 

[bigphil]

In the GUI, go to the Directory/Active Directory tab and try the button "Rebuild directory service cache." Also, please post a screen shot of all the settings your have in "advanced mode" under the Active Directory settings.

 

[venkata]

In the GUI, go to the Directory/Active Directory tab and try the button "Rebuild directory service cache." Also, please post a screen shot of all the settings your have in "advanced mode" under the Active Directory settings.

Dear bigphil,
Thank you so much for your response.
I already tried "Rebuild directory service cache" option before i post here. However i tried the same, but no use.

Here i attached Active Directory settings with advance mode.
PFA.

 

[bigphil]

Setup looks good. Try turning off the option "use default domain" and test wbinfo -g again. It should list groups in the form "domain netbios name\group name" with that option off. It still shouldn't cause the wbinfo issue you're seeing, but its the only difference is see vs my setup.

 

[bigphil]

Also...the dropdown for dataset permissions will only list 50 groups/users for performance reasons. Using the typing method like you did is exactly the correct way to do it. Everything appears to be working correctly. you can also try this command from the shell to see if wbinfo can find the group:
wbinfo --group-info="your domain\your new group"

edit: also...look at your first post wbinfo screenshot again. It did list your "test" group. Did you try running it again to see if it lists the other "testing" groups now?

 

[venkata]

Setup looks good. Try turning off the option "use default domain" and test wbinfo -g again. It should list groups in the form "domain netbios name\group name" with that option off. It still shouldn't cause the issue you're seeing, but its the only difference is see vs my setup.

I unchecked "use default domain" option, as you said, it showed "domain netbios name\group name" format with default groups only. Problem not at solved.

 

[dlavigne]

It's probably worth creating a bug report at bugs.freenas.org then. If you do, post the issue number here.