I have successfully bound a FreeNAS system to our AD infrastructure but I'm running into an issue with pam_ldap, nss_ldap, and other commands like id to show user info.
Our DCs require signed ldap connections, and on our RedHat systems, we usually solve this with Samba/Winbind by adding client sasl wrapping = seal to smb.conf. I've added that as a supplemental parameter for CIFS, but we're still encountering errors such as the following:
wbinfo suggests everything is okay:
running queries with ldapsearch using kerberos auth works, klist shows correct ticket information.
Build is FreeNAS-9.2.1.3-RELEASE-x64 (dc0c46b)
98248MB RAM
Any ideas on this one?
Our DCs require signed ldap connections, and on our RedHat systems, we usually solve this with Samba/Winbind by adding client sasl wrapping = seal to smb.conf. I've added that as a supplemental parameter for CIFS, but we're still encountering errors such as the following:
Code:
sshd[7951]: pam_ldap: error trying to bind (Strong(er) authentication required) cron[7981]: nss_ldap: could not search LDAP server - Server is unavailable id: nss_ldap: could not search LDAP server - Server is unavailable smbd[6287]: nss_ldap: could not search LDAP server - Server is unavailable
wbinfo suggests everything is okay:
Code:
# wbinfo -t checking the trust secret for domain AD via RPC calls succeeded
Code:
# wbinfo -u user1_name user2_name etc...
Code:
# wbinfo -g group one group two etc...
running queries with ldapsearch using kerberos auth works, klist shows correct ticket information.
Build is FreeNAS-9.2.1.3-RELEASE-x64 (dc0c46b)
98248MB RAM
Any ideas on this one?