Project

General

Profile

Bug #32814

Active Directory fails is first DC/DNS goes down

Added by Jacob Fox over 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
No priority
Assignee:
Timur Bakeyev
Category:
Services
Target version:
Seen in:
Severity:
Med High
Reason for Closing:
Duplicate Issue
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

If my first domain controller goes away, FreeNAS refuses to connect to the second. From the terminal, nslookup, host, and dig can all find the second DC when querying the domain name. Both DCs are running DNS and FreeNas has both DNS addresses. wbinfo complains that it cannot find the domain and attempting to rejoin from the GUI results in "Unable to find domain controllers for #####."

Setup:
2 Samba AD DC both running DNS

FreeNAS:
DNS 1: dc1
DNS 2: dc2

AD-DC not assigned in directory settings, Kerberos points to domain name rather than specific DC.

Switching the DNS settings seems to temporarily fix the situation.
DNS 1: dc2
DNS 2: dc1


Related issues

Related to FreeNAS - Bug #35122: winbind does not always properly fail-over to next DCClosed

History

#1 Updated by Jacob Fox over 2 years ago

  • File debug-hoth-20180430163331.txz added
  • Private changed from No to Yes

#2 Updated by Dru Lavigne over 2 years ago

  • Reason for Blocked set to Need additional information from Author

Jacob: is the Enable Monitoring checkbox checked in Directory Services -> Active Directory? It's function is to try to reconnect should the system become disconnected (or fails to connect) to the domain.

#3 Updated by Jacob Fox over 2 years ago

  • Private changed from Yes to No
  • Seen in changed from Unspecified to 11.1-U4

#4 Updated by Jacob Fox over 2 years ago

Normally I have monitoring enabled. I also tried with monitoring disabled. I got the same result both times.

#5 Updated by Dru Lavigne over 2 years ago

  • Assignee changed from Release Council to Timur Bakeyev
  • Private changed from No to Yes

#6 Updated by Timur Bakeyev over 2 years ago

  • Status changed from Unscreened to Screened
  • Severity set to Low Medium
  • Reason for Blocked deleted (Need additional information from Author)

Seems that we always query first DC in the list. Need to verify that.

#7 Updated by Timur Bakeyev over 2 years ago

  • File deleted (debug-hoth-20180430163331.txz)

#8 Updated by Dru Lavigne over 2 years ago

  • Related to Bug #33453: Fix unnecessary AD restarts caused by enabling service monitor added

#9 Updated by Timur Bakeyev over 2 years ago

  • Severity changed from Low Medium to Med High

The code, that does DNS queries seems to be sticky regarding the results, so we are reworking this part now.

#11 Updated by Timur Bakeyev about 2 years ago

  • Related to deleted (Bug #33453: Fix unnecessary AD restarts caused by enabling service monitor)

#12 Updated by Timur Bakeyev about 2 years ago

  • Related to Bug #35122: winbind does not always properly fail-over to next DC added

#13 Updated by Timur Bakeyev about 2 years ago

  • Category changed from OS to Services
  • Status changed from Screened to Closed
  • Target version changed from Backlog to N/A
  • Private changed from Yes to No
  • Reason for Closing set to Duplicate Issue
  • Needs QA changed from Yes to No
  • Needs Doc changed from Yes to No
  • Needs Merging changed from Yes to No

Hi, Jacob!

I'm closing this ticket as there is a more detail duplicate ticket from our engineer linked to this one. Feel free to put your thoughts there, if you think it doesn't describe your problem detailed enough.

Also available in: Atom PDF