AD/CIFS fails on 126.96.36.199 (after upgrade from 188.8.131.52) please help
I just upgraded from 184.108.40.206 where everything worked fine.
Now in 220.127.116.11 i am not able anymore to start the Directory services, the log is attached.
Thus its not possible anymore to browse to my CIFS shares (which is obvious). Please help, this is ciritcal :(
#1 Updated by Thomas Stather almost 6 years ago
When i try to join the domain manually from the CLI i get:
[root@storage] ~# net -k ads join kuk.local -S 192.168.0.34 -p 389
Host is not configured as a member server.
Invalid configuration. Exiting....
Failed to join domain: This operation is only allowed for the PDC of the domain.
However during the failed start, when i type "klist" i get a kerberos ticket.
#3 Updated by John Hixson almost 6 years ago
- Status changed from Unscreened to Screened
Can you follow the instructions for debugging here:
Let me know where it breaks.
#5 Updated by John Hixson almost 6 years ago
Thomas Stather wrote:
OK but what about the service "ix-pre-samba". What does it do and when (during the troubleshooting procedure you mentioned in the post) should it be started?
I had forgotten about that. I have edited the post for FreeNAS 18.104.22.168. If you could please look at it and follow the instructions and report back here what happens, that would be great ;-)
#7 Updated by Thomas Stather almost 6 years ago
A few results:
Doing your steps, everything works until the
service service "ix-activedirectory start" command. Here i get on the FreeNAS console (VMWare):
[root@storage-test] ~# service ix-activedirectory start
Failed to join domain: failed to lookup DC info for domain 'KuK.local' over rpc: Logon failure
Failed to leave domain: Unable to fetch domain sid: are we joined?
Waiting for PIDS: 6856.
Waiting for PIDS: 6853.
Waiting for PIDS: 6850.
[root@storage-test] ~# service ix-activedirectory status
ads_connect: No logon servers
ads_connect: No logon servers
#10 Updated by Jordan Hubbard almost 6 years ago
Does this happen in 9.3-BETA? I ask simply because even if we find that we broke something in 22.214.171.124 (and I appreciate your work in binary-searching your way to the broken release), we aren't going to do any more 9.2.1.x releases and won't have a release vehicle for the fix other than 9.3.
#12 Updated by Thomas Stather almost 6 years ago
I upgraded from 126.96.36.199 to the latest 9.3-Beta.
Then i selected "Enabled" under "Directory Service" -> "Active Directory". However after a while i got the message "the service failed to start". There is nothing in the log i can use to troubleshoot, where is the logging gone which was active in 188.8.131.52?
#17 Updated by Steven Price almost 6 years ago
I am having the same issue and I tried to change smb4.conf from 'standalone' to 'member server' with no joy. I also had this issue in BETA however I am pretty sure that I had the A/D services working in one of the earlier version but I don't remember particulars - sorry :( - Is there anyway I could get a early beta before some of the patches were applied perhaps?
#18 Updated by Rickard Olsson almost 6 years ago
Same or similar issue in 9.3_Release and nightly build from a few days ago. My twist is I get
[root@freenas] ~# service ix-activedirectory restart Traceback (most recent call last): File "/usr/local/bin/adtool", line 607, in <module> main() File "/usr/local/bin/adtool", line 593, in main adts = ADToolShell() File "/usr/local/bin/adtool", line 36, in __init__ self.adc = ActiveDirectoryConfig(flags=FLAGS_DBINIT) File "/usr/local/www/freenasUI/common/freenasldap.py", line 2061, in __init__ super(FreeNAS_ActiveDirectory, self).__init__(**kwargs) File "/usr/local/www/freenasUI/common/freenasldap.py", line 1429, in __init__ self.site = self.locate_site() File "/usr/local/www/freenasUI/common/freenasldap.py", line 1590, in locate_site site_dn = s['siteObject'] KeyError: 'siteObject' [: -lt: argument expected
Other than that wbinfo works fine, I get a Kerberos ticket and everything looks good except the domain users don't show up in FreeNAS or getent.