Project

General

Profile

Bug #25360

Check AD tooltip and documentation

Added by Yuriy Lobanov about 3 years ago. Updated almost 3 years ago.

Status:
Closed: Behaves correctly
Priority:
No priority
Assignee:
Dru Lavigne
Category:
GUI (new)
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:

ATX Thermaltake Versa H21
Chieftec GPS-600A8 600W
mATX ASUS P10S-M
Pentium G4400 3,3GHz/3Mb
2133MHz
2 X 8Gb PC-17000 2133MHz ECC DDR4 UDIMM 2
2 X SEAGATE 2Tb (5900rpm, 64Mb,SATA III
2 X SanDisk Ultra USB 3.0 16 Gb

ChangeLog Required:
No

Description

After reboot error when open Services first time. Second and othe attempt without errors.

FQDN.png (126 KB) FQDN.png Yuriy Lobanov, 07/30/2017 06:26 AM
11949

Related issues

Related to FreeNAS - Bug #25247: Document Proxy BypassResolved2017-07-20
Related to FreeNAS - Bug #25359: Document another instance that prevents Control Services from loadingResolved2017-07-30

History

#1 Updated by Yuriy Lobanov about 3 years ago

  • File debug-FREENAS-20170730095943.txz added

#2 Updated by Yuriy Lobanov about 3 years ago

  • File FreeNAS_error_Services.txt added

#3 Updated by Yuriy Lobanov about 3 years ago

  • File debug-FREENAS-20170730070023.tgz added

#4 Updated by Yuriy Lobanov about 3 years ago

  • Seen in changed from Unspecified to 11.0-U2
  • Hardware Configuration updated (diff)

#5 Updated by Dru Lavigne about 3 years ago

  • Status changed from Unscreened to 15

Are you behind a proxy?

#6 Updated by Yuriy Lobanov about 3 years ago

  • File FQDN.png added

I connect without a proxy.

Probably, the problem is solved.

When filling the Domain Controller field on the Active Directory tab, I used the FQDN, as indicated on the prompt (Screenshot attached), termserver.books.local, instead of the short name termserver, which is mentioned in the documentation. After specifying a short name, errors do not appear during the reboot. (Bug #25358)

Opening the Services tab does not lead to core dump.

Why does the slightly inaccurate filling of the field lead to such serious errors?

Probably, you need to clarify the hint about the field of the domain controller

#7 Updated by Dru Lavigne about 3 years ago

  • Related to Bug #25247: Document Proxy Bypass added

#8 Updated by Dru Lavigne about 3 years ago

  • Subject changed from Error when open Services after reboot to Check AD tooltip and documentation
  • Status changed from 15 to Unscreened
  • Assignee changed from Release Council to Warren Block
  • Target version set to 11.0-U3

We'll check the tooltip and documentation to clarify.

#9 Updated by Dru Lavigne about 3 years ago

  • File deleted (debug-FREENAS-20170730095943.txz)

#10 Updated by Dru Lavigne about 3 years ago

  • File deleted (debug-FREENAS-20170730070023.tgz)

#11 Updated by Dru Lavigne about 3 years ago

  • Private changed from Yes to No

#12 Updated by Yuriy Lobanov about 3 years ago

  • File deleted (FQDN.png)

#13 Updated by Yuriy Lobanov about 3 years ago

11949

#14 Updated by Dru Lavigne about 3 years ago

  • Related to Bug #25359: Document another instance that prevents Control Services from loading added

#15 Updated by Timur Bakeyev about 3 years ago

I'd say that the conclusion of Yuri is incorrect here and worked more by accident rather than by design. Short(Netbios) names may work, if the DNS is configured properly, but FQDN works in all the cases(well, if the DNS is still configured right:)). So, I think tooltip is correct here, advising uage of FQDN.

#16 Updated by an odos about 3 years ago

Yuriy Lobanov wrote:

I connect without a proxy.

Probably, the problem is solved.

When filling the Domain Controller field on the Active Directory tab, I used the FQDN, as indicated on the prompt (Screenshot attached), termserver.books.local, instead of the short name termserver, which is mentioned in the documentation. After specifying a short name, errors do not appear during the reboot. (Bug #25358)

Do note that "DOMAIN.local" should not be used as an AD domain. ".local" is reserved for mdns traffic. The .local TLD might be causing something to choke during boot, and this might be something worth looking into as it is common legacy practice (which was somehow overlooked when people drafted RFC 6762 <eyeroll> thanks apple!). By the way, this field isn't typically required to join an AD domain. I typically only populate the following fields:

  • Domain Name
  • Domain Account Name
  • Domain Account Password

Reference for statements regarding not using .local TLD - https://social.technet.microsoft.com/wiki/contents/articles/17974.active-directory-domain-naming-considerations.aspx

#17 Updated by an odos about 3 years ago

Timur Bakeyev wrote:

I'd say that the conclusion of Yuri is incorrect here and worked more by accident rather than by design. Short(Netbios) names may work, if the DNS is configured properly, but FQDN works in all the cases(well, if the DNS is still configured right:)). So, I think tooltip is correct here, advising uage of FQDN.

Timur,

It might be worthwhile to test whether using a .local TLD in these fields causes a traceback.

If it does,
(1) mdns may need to be disabled in these cases and /etc/nsswitch.conf modified accordingly
or
(2) the UI may need to replace the FQDN with the netbios name.

I think that (1) is probably the right course of action because the .local TLD is bound to cause subtle problems elsewhere.

#18 Updated by Yuriy Lobanov about 3 years ago

  • File FreeNAS_error.txt added
  • File 3pep_FreeNAS11_error.txt added

an odos wrote:

Timur Bakeyev wrote:

I'd say that the conclusion of Yuri is incorrect here and worked more by accident rather than by design. Short(Netbios) names may work, if the DNS is configured properly, but FQDN works in all the cases(well, if the DNS is still configured right:)). So, I think tooltip is correct here, advising uage of FQDN.

Timur,

It might be worthwhile to test whether using a .local TLD in these fields causes a traceback.

If it does,
(1) mdns may need to be disabled in these cases and /etc/nsswitch.conf modified accordingly
or
(2) the UI may need to replace the FQDN with the netbios name.

I think that (1) is probably the right course of action because the .local TLD is bound to cause subtle problems elsewhere.

Two server FreeNAS are used in the AD with the names <DOMAIN>.local. In the logs of both servers, mdns errors appear during the restart.
Attached are fragments of the logs during the reboot.

#19 Updated by Warren Block about 3 years ago

  • Status changed from Unscreened to Screened

#20 Updated by Dru Lavigne about 3 years ago

  • Target version changed from 11.0-U3 to 11.1

#21 Updated by Dru Lavigne almost 3 years ago

  • Status changed from Screened to Closed: Behaves correctly
  • Assignee changed from Warren Block to Dru Lavigne
  • Target version changed from 11.1 to N/A

Closing out then as the section on Active Directory clearly states that the domain name needs to be resolvable and that this setting will fail if it is not.

#22 Updated by Dru Lavigne over 2 years ago

  • File deleted (FreeNAS_error_Services.txt)

#23 Updated by Dru Lavigne over 2 years ago

  • File deleted (FreeNAS_error.txt)

#24 Updated by Dru Lavigne over 2 years ago

  • File deleted (3pep_FreeNAS11_error.txt)

Also available in: Atom PDF