- Joined
- Mar 6, 2014
- Messages
- 9,554
Yes, that's the reason why I specified backing up the original file. You should also do hotpatching through an SSH session (so that you don't cut your feet out from under yourself).
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Can't join Active Directory,Failed to validate bind credentials: [EFAULT] timed out
- Thread starter freenaslol
- Start date
glossjorge
Dabbler
- Joined
- Feb 24, 2020
- Messages
- 12
I did backup the original file, I was doing it via ssh, but when the service did not come back, I lost ssh connection, so I went to the server directly and it did not let me do anything with it.
Same problem after update to 11.3u1. Downgrade impossible because of zfs update.
But if I make fresh install, make all settings restart and then try to join to domain - it's woks! But it works only before restart!
this solution https://www.ixsystems.com/community...redentials-efault-timed-out.82235/post-572017 don't work for me!
Any ideas or maybe U2?
But if I make fresh install, make all settings restart and then try to join to domain - it's woks! But it works only before restart!
this solution https://www.ixsystems.com/community...redentials-efault-timed-out.82235/post-572017 don't work for me!
Any ideas or maybe U2?
I replaced activedirectory.py with the last version you give us. I restarted Freenas machine . Connecting to AD still does not work : Failed to validate bind credentials: [EFAULT] timed out
- Joined
- Mar 6, 2014
- Messages
- 9,554
PM me a copy of /var/log/middlewared.log. validate_credentials() in the updated version doesn't make any socket calls (it just performs a kinit). Sounds like a mis-applied patch.
I'm using the LDAP directory service, updated to version 11.3-U1 and also grabed the most recent activedirectory.py file I am getting this error message whenever I try connecting to the ad server.
Code:
Error: Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py", line 621, in port_is_listening
s.connect((host, port))
socket.timeout: timed out
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py", line 586, in do_update
await self.middleware.call('ldap.ldap_validate', new)
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 1127, in call
app=app, pipes=pipes, job_on_progress_cb=job_on_progress_cb, io_thread=True,
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 1077, in _call
return await methodobj(*args)
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py", line 488, in ldap_validate
await self.middleware.call('ldap.port_is_listening', host, int(port), data['dns_timeout'])
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 1127, in call
app=app, pipes=pipes, job_on_progress_cb=job_on_progress_cb, io_thread=True,
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 1091, in _call
return await run_method(methodobj, *args)
File "/usr/local/lib/python3.7/site-packages/middlewared/utils/run_in_thread.py", line 10, in run_in_thread
return await self.loop.run_in_executor(self.run_in_thread_executor, functools.partial(method, *args, **kwargs))
File "/usr/local/lib/python3.7/site-packages/middlewared/utils/io_thread_pool_executor.py", line 25, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py", line 625, in port_is_listening
raise CallError(e)
middlewared.service_exception.CallError: [EFAULT] timed out
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 130, in call_method
io_thread=False)
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 1077, in _call
return await methodobj(*args)
File "/usr/local/lib/python3.7/site-packages/middlewared/service.py", line 302, in update
f'{self._config.namespace}.update', self, self.do_update, [data]
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py", line 1077, in _call
return await methodobj(*args)
File "/usr/local/lib/python3.7/site-packages/middlewared/schema.py", line 961, in nf
return await f(*args, **kwargs)
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py", line 588, in do_update
raise ValidationError('ldap_update', str(e))
middlewared.service_exception.ValidationError: [EFAULT] ldap_update: [EFAULT] timed out
- Joined
- Mar 6, 2014
- Messages
- 9,554
LDAP and AD are separate plugins.
Gotcha, that makes sense. I should have realized that. However it seems like I'm experiencing the same issues as the people using the Active Directory Plugin. Is there anything obvious that I'm just completely missing when using the LDAP plugin?
- Joined
- Mar 6, 2014
- Messages
- 9,554
If you're getting a socket timeout for the LDAP plugin, you can increase the value of the DNS timeout. It's also used in the socket.connect() call that is returning the error. Maybe bump both timeout values to 30 seconds from 10.
Okay tried 30 seconds same time out with socket.connect() returning the error. Tried 60 seconds also, same thing. Do i need to have the hostname have the netbios name in it like this netbios\ad-hostname thats how i currently have it.
- Joined
- Mar 6, 2014
- Messages
- 9,554
You can test this WIP fix here: https://github.com/freenas/freenas/...ewared/middlewared/plugins/activedirectory.py
clone boot environment, replace /usr/local/lib/python3.7/site-packages/middlewared/plugins/activedirectory.py with it and "service middlewared onerestart".
Currently the LDAP plugin just times out even if i set the timeout for ldap and dns to a higher number. If there is something I can do to help troubleshoot this I'm all ears. We are using Azure Active Directory, like I said this all works whenever I revert back to 11.2 however because of various reason I can't stay on that version. The settings I'm using are all identical from 11.2 to 11.3 @anodos
So when I change settings to point at a internal server not using ssl it works just fine.
Attachments
- Joined
- Mar 6, 2014
- Messages
- 9,554
As I've already mentioned, this particular forum thread is about issues involving AD. You're using the LDAP plugin. There are several bugfixes related to the LDAP plugin in the 11.3-stable branch on github. https://raw.githubusercontent.com/f...e/src/middlewared/middlewared/plugins/ldap.py. You can try cloning your boot environment, replacing /usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py with the version attached, and then issuing "service middlewared onerestart". If your problem persists and you don't see a corresponding bug ticket in our bug tracker, you are welcome to file one there.
- Joined
- Mar 6, 2014
- Messages
- 9,554
It's not annoying. You can also start a new forums thread and tag me there.
Hello @anodos , I've tried this steps on monday, but after restart freenas gui become unreachable! or you have updated for this file after 2 march?
Related topics on forums.truenas.com for thread: "Can't join Active Directory,Failed to validate bind credentials: [EFAULT] timed out"
Unfortunately, no related topics are found on the New Community Forums.
