Can't connect 9.1.1 to AD, Server 2012

Status
Not open for further replies.
D

Danger

Cadet
Joined
Aug 23, 2013
Messages
7
I have already read through a bunch of these threads but nobody's problems seem to be the same as mine. I am hoping mine is relatively easy.

Here is the log file whenever I try to start the AD service, obviously sanitized domain name and username.

Code:
Nov 20 09:51:31 FREENAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Nov 20 09:51:32 FREENAS notifier: Stopping dbus.
Nov 20 09:51:32 FREENAS avahi-daemon[46802]: Disconnected from D-Bus, exiting.
Nov 20 09:51:32 FREENAS notifier: Waiting for PIDS: 46773.
Nov 20 09:51:32 FREENAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Nov 20 09:51:32 FREENAS notifier: Starting dbus.
Nov 20 09:51:32 FREENAS notifier: Stopping avahi-daemon.
Nov 20 09:51:32 FREENAS notifier: Stopping avahi-daemon.
Nov 20 09:51:32 FREENAS notifier: Failed to kill daemon: No such file or directory
Nov 20 09:51:32 FREENAS notifier: Starting avahi-daemon.
Nov 20 09:51:32 FREENAS avahi-daemon[48469]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Nov 20 09:51:32 FREENAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Nov 20 09:51:32 FREENAS notifier: smbd not running? (check /var/run/samba/smbd.pid).
Nov 20 09:51:32 FREENAS notifier: nmbd not running? (check /var/run/samba/nmbd.pid).
Nov 20 09:51:33 FREENAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
Nov 20 09:51:33 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 09:51:33 FREENAS ActiveDirectory: generate_krb5_conf: krbhost=S1.mydomain.local, kpwdhost=S1.mydomain.local, domainname=mydomain
Nov 20 09:51:33 FREENAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Nov 20 09:51:33 FREENAS ActiveDirectory: /usr/sbin/service ix-pam quietstart
Nov 20 09:51:33 FREENAS ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Nov 20 09:51:33 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 09:51:33 FREENAS ActiveDirectory: kerberos_start: kinit --password-file=/tmp/tmp.Udh1an7h adminuser@MYDOMAIN
Nov 20 09:51:33 FREENAS ActiveDirectory: kerberos_start: Failed
Nov 20 09:51:43 FREENAS ActiveDirectory: /usr/sbin/service ix-kinit status
Nov 20 09:51:43 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 09:51:43 FREENAS ActiveDirectory: kerberos_status: klist -l | grep -q ^adminuser@MYDOMAIN
Nov 20 09:51:43 FREENAS ActiveDirectory: kerberos_status: Failed


On my DC in the Security log I get 3 Audit Success messages stating "Special privileges assigned to new logon." then "An account was successfully logged on." then "An account was logged off."

So it seems as though Freenas is connecting to my DC, my DC is authenticating it, but yet Freenas is telling me Kerberos can't start?

I have gone through the troubleshooting steps under "Directory Services" on doc.freenas a couple of times and made no progress. I actually got so irritated with this the other day that I had to put it down and come back to it. Still no progress this morning so I am coming to all of you for help!
 
D

Danger

Cadet
Joined
Aug 23, 2013
Messages
7
So I have made a little more progress on this. I think I have discovered that this system does not like spaces in the domain admin password. I created a new admin account with a nice long password and no spaces and I am getting further. Here is the significant error now:

Code:
Nov 20 11:36:44 FREENAS ActiveDirectory: /usr/sbin/service ix-activedirectory quietstart
Nov 20 11:36:44 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:44 FREENAS ActiveDirectory: activedirectory_start: trying to join domain
Nov 20 11:36:44 FREENAS ActiveDirectory: AD_join_domain: net ads join -U testadmin
Nov 20 11:36:47 FREENAS ActiveDirectory: AD_join_domain: Failed
Nov 20 11:36:47 FREENAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Nov 20 11:36:48 FREENAS notifier: Stopping dbus.


and here is the full log:

Code:
Nov 20 11:36:30 FREENAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Nov 20 11:36:31 FREENAS notifier: Stopping dbus.
Nov 20 11:36:31 FREENAS avahi-daemon[31471]: Disconnected from D-Bus, exiting.
Nov 20 11:36:31 FREENAS notifier: Waiting for PIDS: 31442.
Nov 20 11:36:31 FREENAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Nov 20 11:36:31 FREENAS notifier: Starting dbus.
Nov 20 11:36:31 FREENAS notifier: Stopping avahi-daemon.
Nov 20 11:36:31 FREENAS notifier: Stopping avahi-daemon.
Nov 20 11:36:31 FREENAS notifier: Failed to kill daemon: No such file or directory
Nov 20 11:36:31 FREENAS notifier: Starting avahi-daemon.
Nov 20 11:36:31 FREENAS avahi-daemon[32703]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Nov 20 11:36:32 FREENAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Nov 20 11:36:32 FREENAS notifier: Stopping smbd.
Nov 20 11:36:32 FREENAS notifier: Waiting for PIDS: 32251.
Nov 20 11:36:32 FREENAS notifier: Stopping nmbd.
Nov 20 11:36:33 FREENAS notifier: Waiting for PIDS: 32247, 32247.
Nov 20 11:36:33 FREENAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
Nov 20 11:36:33 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:33 FREENAS ActiveDirectory: generate_krb5_conf: krbhost=S1.mydomain.local, kpwdhost=S1.mydomain.local, domainname=mydomain.local
Nov 20 11:36:33 FREENAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Nov 20 11:36:33 FREENAS ActiveDirectory: /usr/sbin/service ix-pam quietstart
Nov 20 11:36:33 FREENAS ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Nov 20 11:36:33 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:33 FREENAS ActiveDirectory: kerberos_start: kinit --password-file=/tmp/tmp.zcl0nU3v testadmin@MYDOMAIN.LOCAL
Nov 20 11:36:33 FREENAS ActiveDirectory: kerberos_start: Successful
Nov 20 11:36:43 FREENAS ActiveDirectory: /usr/sbin/service ix-kinit status
Nov 20 11:36:43 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:43 FREENAS ActiveDirectory: kerberos_status: klist -l | grep -q ^testadmin@MYDOMAIN.LOCAL
Nov 20 11:36:43 FREENAS ActiveDirectory: kerberos_status: Successful
Nov 20 11:36:43 FREENAS ActiveDirectory: /usr/sbin/service ix-samba quietstart
Nov 20 11:36:43 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:43 FREENAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
Nov 20 11:36:44 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:44 FREENAS notifier: dbus already running? (pid=32674).
Nov 20 11:36:44 FREENAS notifier: Starting avahi-daemon.
Nov 20 11:36:44 FREENAS notifier: Daemon already running on PID 32703
Nov 20 11:36:44 FREENAS notifier: Removing stale Samba tdb files: ....... done
Nov 20 11:36:44 FREENAS notifier: Starting nmbd.
Nov 20 11:36:44 FREENAS notifier: Starting smbd.
Nov 20 11:36:44 FREENAS notifier: Starting winbindd.
Nov 20 11:36:44 FREENAS winbindd[34142]: [2013/11/20 11:36:44.624276,  0] winbindd/winbindd_util.c:635(init_domain_list)
Nov 20 11:36:44 FREENAS winbindd[34142]:  Could not fetch our SID - did we join?
Nov 20 11:36:44 FREENAS winbindd[34142]: [2013/11/20 11:36:44.624335,  0] winbindd/winbindd.c:1108(winbindd_register_handlers)
Nov 20 11:36:44 FREENAS winbindd[34142]:  unable to initialize domain list
Nov 20 11:36:44 FREENAS ActiveDirectory: /usr/sbin/service ix-activedirectory quietstart
Nov 20 11:36:44 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:44 FREENAS ActiveDirectory: activedirectory_start: trying to join domain
Nov 20 11:36:44 FREENAS ActiveDirectory: AD_join_domain: net ads join -U testadmin
Nov 20 11:36:47 FREENAS ActiveDirectory: AD_join_domain: Failed
Nov 20 11:36:47 FREENAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Nov 20 11:36:48 FREENAS notifier: Stopping dbus.
Nov 20 11:36:48 FREENAS avahi-daemon[32703]: Disconnected from D-Bus, exiting.
Nov 20 11:36:48 FREENAS notifier: Waiting for PIDS: 32674.
Nov 20 11:36:48 FREENAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Nov 20 11:36:48 FREENAS notifier: Starting dbus.
Nov 20 11:36:48 FREENAS notifier: Stopping avahi-daemon.
Nov 20 11:36:48 FREENAS notifier: Failed to kill daemon: No such file or directory
Nov 20 11:36:48 FREENAS notifier: Stopping avahi-daemon.
Nov 20 11:36:48 FREENAS notifier: Failed to kill daemon: No such file or directory
Nov 20 11:36:48 FREENAS notifier: Starting avahi-daemon.
Nov 20 11:36:48 FREENAS avahi-daemon[34476]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Nov 20 11:36:48 FREENAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Nov 20 11:36:48 FREENAS notifier: Stopping smbd.
Nov 20 11:36:48 FREENAS notifier: Waiting for PIDS: 34136.
Nov 20 11:36:48 FREENAS notifier: Stopping nmbd.
Nov 20 11:36:48 FREENAS notifier: Waiting for PIDS: 34132.
Nov 20 11:36:48 FREENAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstop
Nov 20 11:36:48 FREENAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstop
Nov 20 11:36:48 FREENAS ActiveDirectory: /usr/sbin/service ix-pam quietstop
Nov 20 11:36:48 FREENAS ActiveDirectory: /usr/sbin/service ix-kinit forcestop
Nov 20 11:36:48 FREENAS ActiveDirectory: /usr/sbin/service ix-activedirectory forcestop
Nov 20 11:36:48 FREENAS ActiveDirectory: AD_init: config exists, loading values from /etc/directoryservice/ActiveDirectory/config
Nov 20 11:36:49 FREENAS ActiveDirectory: activedirectory_stop: leaving domain
Nov 20 11:36:49 FREENAS ActiveDirectory: AD_leave_domain: net ads leave -U testadmin
Nov 20 11:36:50 FREENAS ActiveDirectory: AD_leave_domain: Failed
Nov 20 11:36:50 FREENAS ActiveDirectory: /usr/sbin/service ix-cache quietstop &
Nov 20 11:36:50 FREENAS ActiveDirectory: /usr/sbin/service samba forcestop
Nov 20 11:36:50 FREENAS ActiveDirectory: /usr/sbin/service ix-samba start
Nov 20 11:36:51 FREENAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
Nov 20 11:36:51 FREENAS notifier: dbus already running? (pid=34447).
Nov 20 11:36:51 FREENAS notifier: Starting avahi-daemon.
Nov 20 11:36:51 FREENAS notifier: Daemon already running on PID 34476
Nov 20 11:36:51 FREENAS notifier: Removing stale Samba tdb files: ...... done
Nov 20 11:36:51 FREENAS notifier: Starting nmbd.
Nov 20 11:36:51 FREENAS notifier: Starting smbd.


Running "net ads join -U testadmin" gives me the following:
Code:
Host is not configured as a member server.
Invalid configuration.  Exiting....
Failed to join domain: This operation is only allowed for the PDC of the domain.


I do have the FREENAS machine assigned as a computer on our domain.
 
D

dlavigne

Guest
This may be a bug. Please create an issue at bugs.freenas.org so the devs can review and post the issue number here.
 
Status
Not open for further replies.

Similar threads

L
  • Locked
freenas 8.3.0-release-x86 ACTIVE DIRECTORY] problem joining domain
Replies
0
Views
6K
lorenzoASR
L
Daniel-san
  • Locked
Freenas 9.1 unable to joined windows 2012
Replies
2
Views
7K
AgentZero
AgentZero
J
  • Locked
Joining AD (Zentyal)
Replies
2
Views
3K
jac2703
J
T
  • Locked
Can't start the AD service
Replies
5
Views
2K
Idiotzoo
I
S
  • Locked
Freenas can't join AD, AD_status_domain: Not okay
Replies
7
Views
7K
Shrek000
S
Top