Project

General

Profile

Bug #25991

11.00-U4 [MiddlewareError: b'Active Directory failed to reload.']

Added by Bryan Grant almost 3 years ago. Updated almost 3 years ago.

Status:
Closed: Insufficient Info
Priority:
No priority
Assignee:
Timur Bakeyev
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

I upgraded from 9.3 to 11.0-U4 and since the upgrade, I am unable to get Active Directory working. I'm receiving many errors, however they seem to be bouncing between "Unable to bind to Active Directory" and [MiddlewareError: b'Active Directory failed to reload.']

I've changed my NTP server to my primary DC, updated the time to no avail. It was working normally in version 9.3

Debug report attached.

History

#1 Updated by Bryan Grant almost 3 years ago

  • File debug-freenas3-20170927085349.txz added

#2 Updated by Dru Lavigne almost 3 years ago

  • Category changed from 1 to OS
  • Assignee changed from Release Council to Timur Bakeyev
  • Seen in changed from Unspecified to 11.0-U4

#3 Updated by Timur Bakeyev almost 3 years ago

  • Status changed from Unscreened to Screened

#4 Updated by Dru Lavigne almost 3 years ago

  • Target version set to 11.1

#5 Avatar?id=14398&size=24x24 Updated by Kris Moore almost 3 years ago

  • Target version changed from 11.1 to 11.1-U1

#6 Updated by Timur Bakeyev almost 3 years ago

  • Status changed from Screened to 15

Hi, Bryan!

There isn't really enough information in the provided logs to nail down what is exactly the problem.

[MiddlewareError: b'Active Directory failed to reload.'] is basically tells us that active directory service didn't start up within a given timeout threshold or just failed to initialize connection to AD.

It seems that you took debug log after disabling Directory service, so log doesn't contain configuration variables that are essential for binding to the domain.

Still, there are some logs left, that may give you a hint to what is going wrong:

[2017/09/26 01:20:47.381058,  1] ../source3/winbindd/winbindd_cm.c:2813(cm_connect_sam) Unwilling to make SAMR connection to domain WBOCAD without connection level security, must set 'winbind sealed pipes = false' and require strong key = false' to proceed: NT_STATUS_DOWNGRADE_DETECTED
...
[2017/09/26 10:51:22.066354,  1] ../source3/libsmb/cliconnect.c:360(cli_session_creds_prepare_krb5)
  Kinit for FREENAS3$@WBOC.COM to access PDC.wboc.com failed: Client not found in Kerberos database
[2017/09/26 10:51:22.095679,  1] ../source3/winbindd/winbindd_cm.c:1113(cm_prepare_connection)
  authenticated session setup to PDC.wboc.com using WBOCAD\FREENAS3$ failed with NT_STATUS_LOGON_FAILURE
[2017/09/26 10:51:22.095870,  1] ../source3/winbindd/winbindd_cm.c:1253(cm_prepare_connection)
  Failed to prepare SMB connection to PDC.wboc.com: NT_STATUS_LOGON_FAILURE
....
[2017/09/27 08:49:21.324546,  1] ../source3/libsmb/cliconnect.c:360(cli_session_creds_prepare_krb5)
  Kinit for FREENAS3$@WBOC.COM to access PDC.wboc.com failed: Preauthentication failed
[2017/09/27 08:49:21.348240,  1] ../source3/winbindd/winbindd_cm.c:1113(cm_prepare_connection)
  authenticated session setup to PDC.wboc.com using WBOCAD\FREENAS3$ failed with NT_STATUS_LOGON_FAILURE

#7 Updated by Dru Lavigne almost 3 years ago

  • Status changed from 15 to Closed: Insufficient Info
  • Target version changed from 11.1-U1 to N/A
  • Private changed from Yes to No

#8 Updated by Dru Lavigne almost 3 years ago

  • File deleted (debug-freenas3-20170927085349.txz)

Also available in: Atom PDF