andrewjones216
Dabbler
- Joined
- Jun 7, 2016
- Messages
- 20
Hi all,
I am unable to join our domain after upgrading our Freenas to the latest stable release (11.3-U4.1). The interface times out when trying to save the settings.
I've got another FreeNAS box on the same version with the same AD settings connected ok. The output below suggests it has some old info cached somewhere, maybe?
Domain has been obfuscated to 'our.domain'
Workgroup parameter has been obfuscated to 'workgroup'
I've tried:
Web GUI shows this:
Any help would be much appreciated.
Thanks
Andrew
I am unable to join our domain after upgrading our Freenas to the latest stable release (11.3-U4.1). The interface times out when trying to save the settings.
I've got another FreeNAS box on the same version with the same AD settings connected ok. The output below suggests it has some old info cached somewhere, maybe?
Domain has been obfuscated to 'our.domain'
Workgroup parameter has been obfuscated to 'workgroup'
I've tried:
Code:
root@CNAS05:~ # service winbindd onestart winbindd already running? (pid=5846). root@CNAS05:~ # ping cwm-dc-01 PING cwm-dc-01.our.domain (xxx.xxx.11.51): 56 data bytes 64 bytes from xxx.xxx.11.51: icmp_seq=0 ttl=128 time=0.779 ms 64 bytes from xxx.xxx.11.51: icmp_seq=1 ttl=128 time=0.839 ms 64 bytes from xxx.xxx.11.51: icmp_seq=2 ttl=128 time=0.727 ms root@CNAS05:~ # dig our.domain ; <<>> DiG 9.14.6 <<>> our.domain ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32686 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;our.domain. IN A ;; ANSWER SECTION: our.domain. 600 IN A xxx.xxx.10.53 our.domain. 600 IN A xxx.xxx.10.163 our.domain. 600 IN A xxx.xxx.11.52 our.domain. 600 IN A xxx.xxx.11.51 ;; Query time: 1 msec ;; SERVER: xxx.xxx.11.51#53(xxx.xxx.11.51) ;; WHEN: Thu Aug 13 18:29:41 BST 2020 ;; MSG SIZE rcvd: 105 root@CNAS05:~ # host -t srv _ldap._tcp.our.domain _ldap._tcp.our.domain has SRV record 0 100 389 CWM-DC-01.our.domain. _ldap._tcp.our.domain has SRV record 0 100 389 cwm-dc-02.our.domain. _ldap._tcp.our.domain has SRV record 0 100 389 cwm-dc-01.our.domain. _ldap._tcp.our.domain has SRV record 0 100 389 cdc01.our.domain. _ldap._tcp.our.domain has SRV record 0 100 389 CWM-DC-02.our.domain. ; <<>> DiG 9.14.6 <<>> pdc.our.domain ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32981 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;pdc.our.domain. IN A ;; AUTHORITY SECTION: our.domain. 3600 IN SOA cwm-dc-01.our.domain. hostmaster.our.domain. 182354 900 600 86400 3600 ;; Query time: 1 msec ;; SERVER: xxx.xxx.11.51#53(xxx.xxx.11.51) ;; WHEN: Thu Aug 13 18:30:21 BST 2020 ;; MSG SIZE rcvd: 114 root@CNAS05:~ # net -k -d 5 ads testjoin INFO: Current debug levels: all: 5 tdb: 5 printdrivers: 5 lanman: 5 smb: 5 rpc_parse: 5 rpc_srv: 5 rpc_cli: 5 passdb: 5 sam: 5 auth: 5 winbind: 5 vfs: 5 idmap: 5 quota: 5 acls: 5 locking: 5 msdfs: 5 dmapi: 5 registry: 5 scavenger: 5 dns: 5 ldb: 5 tevent: 5 auth_audit: 5 auth_json_audit: 5 kerberos: 5 drs_repl: 5 smb2: 5 smb2_credits: 5 dsdb_audit: 5 dsdb_json_audit: 5 dsdb_password_audit: 5 dsdb_password_json_audit: 5 dsdb_transaction_audit: 5 dsdb_transaction_json_audit: 5 dsdb_group_audit: 5 dsdb_group_json_audit: 5 lp_load_ex: refreshing parameters Initialising global parameters INFO: Current debug levels: all: 5 tdb: 5 printdrivers: 5 lanman: 5 smb: 5 rpc_parse: 5 rpc_srv: 5 rpc_cli: 5 passdb: 5 sam: 5 auth: 5 winbind: 5 vfs: 5 idmap: 5 quota: 5 acls: 5 locking: 5 msdfs: 5 dmapi: 5 registry: 5 scavenger: 5 dns: 5 ldb: 5 tevent: 5 auth_audit: 5 auth_json_audit: 5 kerberos: 5 drs_repl: 5 smb2: 5 smb2_credits: 5 dsdb_audit: 5 dsdb_json_audit: 5 dsdb_password_audit: 5 dsdb_password_json_audit: 5 dsdb_transaction_audit: 5 dsdb_transaction_json_audit: 5 dsdb_group_audit: 5 dsdb_group_json_audit: 5 Processing section "[global]" doing parameter dns proxy = No doing parameter aio max threads = 2 doing parameter max log size = 51200 doing parameter allocation roundup size = 0 doing parameter load printers = No doing parameter printing = bsd doing parameter disable spoolss = Yes doing parameter dos filemode = Yes doing parameter kernel change notify = No doing parameter directory name cache size = 0 doing parameter nsupdate command = /usr/local/bin/samba-nsupdate -g doing parameter unix charset = UTF-8 doing parameter log level = 3 doing parameter obey pam restrictions = False doing parameter enable web service discovery = True doing parameter logging = file doing parameter server min protocol = SMB2_02 doing parameter unix extensions = No doing parameter map to guest = Bad User doing parameter server string = CNAS05 FreeNAS Storage Server doing parameter bind interfaces only = Yes doing parameter netbios name = CNAS05 doing parameter netbios aliases = doing parameter server role = standalone doing parameter workgroup = workgroup doing parameter idmap config *: backend = tdb doing parameter idmap config *: range = 90000001-100000000 doing parameter include = /usr/local/etc/smb4_share.conf pm_process() returned Yes Registering messaging pointer for type 2 - private_data=0x0 Registering messaging pointer for type 9 - private_data=0x0 Registered MSG_REQ_POOL_USAGE Registering messaging pointer for type 11 - private_data=0x0 Registering messaging pointer for type 12 - private_data=0x0 Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED Registering messaging pointer for type 1 - private_data=0x0 Registering messaging pointer for type 5 - private_data=0x0 Registering messaging pointer for type 51 - private_data=0x0 lp_load_ex: refreshing parameters Freeing parametrics: Initialising global parameters INFO: Current debug levels: all: 5 tdb: 5 printdrivers: 5 lanman: 5 smb: 5 rpc_parse: 5 rpc_srv: 5 rpc_cli: 5 passdb: 5 sam: 5 auth: 5 winbind: 5 vfs: 5 idmap: 5 quota: 5 acls: 5 locking: 5 msdfs: 5 dmapi: 5 registry: 5 scavenger: 5 dns: 5 ldb: 5 tevent: 5 auth_audit: 5 auth_json_audit: 5 kerberos: 5 drs_repl: 5 smb2: 5 smb2_credits: 5 dsdb_audit: 5 dsdb_json_audit: 5 dsdb_password_audit: 5 dsdb_password_json_audit: 5 dsdb_transaction_audit: 5 dsdb_transaction_json_audit: 5 dsdb_group_audit: 5 dsdb_group_json_audit: 5 Processing section "[global]" doing parameter dns proxy = No doing parameter aio max threads = 2 doing parameter max log size = 51200 doing parameter allocation roundup size = 0 doing parameter load printers = No doing parameter printing = bsd doing parameter disable spoolss = Yes doing parameter dos filemode = Yes doing parameter kernel change notify = No doing parameter directory name cache size = 0 doing parameter nsupdate command = /usr/local/bin/samba-nsupdate -g doing parameter unix charset = UTF-8 doing parameter log level = 3 doing parameter obey pam restrictions = False doing parameter enable web service discovery = True doing parameter logging = file doing parameter server min protocol = SMB2_02 doing parameter unix extensions = No doing parameter map to guest = Bad User doing parameter server string = CNAS05 FreeNAS Storage Server doing parameter bind interfaces only = Yes doing parameter netbios name = CNAS05 doing parameter netbios aliases = doing parameter server role = standalone doing parameter workgroup = workgroup doing parameter idmap config *: backend = tdb doing parameter idmap config *: range = 90000001-100000000 doing parameter include = /usr/local/etc/smb4_share.conf pm_process() returned Yes Netbios name list:- my_netbios_names[0]="CNAS05" added interface ix0 ip=xxx.16.0.2 bcast=xxx.16.0.7 netmask=255.255.255.248 added interface igb0 ip=xxx.xxx.10.77 bcast=xxx.xxx.10.255 netmask=255.255.255.0 Opening cache file at /var/run/samba4/gencache.tdb sitename_fetch: No stored sitename for realm '' ads_dc_name: domain=workgroup saf_fetch: failed to find server for "workgroup" domain get_dc_list: preferred server list: ", *" no entry for workgroup#1C found. resolve_lmhosts: Attempting lmhosts lookup for name workgroup<0x1c> startlmhosts: Can't open lmhosts file /usr/local/etc/lmhosts. Error was No such file or directory resolve_wins: WINS server resolution selected and no WINS servers listed. resolve_hosts: not appropriate for name type <0x1c> name_resolve_bcast: Attempting broadcast lookup for name workgroup<0x1c> get_dc_list: no servers found ads_find_dc: name resolution for realm '' (domain 'workgroup') failed: NT_STATUS_NO_LOGON_SERVERS saf_fetch: failed to find server for "workgroup" domain get_dc_list: preferred server list: ", *" no entry for workgroup#1C found. resolve_lmhosts: Attempting lmhosts lookup for name workgroup<0x1c> startlmhosts: Can't open lmhosts file /usr/local/etc/lmhosts. Error was No such file or directory resolve_wins: WINS server resolution selected and no WINS servers listed. resolve_hosts: not appropriate for name type <0x1c> name_resolve_bcast: Attempting broadcast lookup for name workgroup<0x1c> get_dc_list: no servers found Could not look up dc's for domain workgroup sitename_fetch: No stored sitename for realm '' ads_dc_name: domain=workgroup saf_fetch: failed to find server for "workgroup" domain get_dc_list: preferred server list: ", *" no entry for workgroup#1C found. resolve_lmhosts: Attempting lmhosts lookup for name workgroup<0x1c> startlmhosts: Can't open lmhosts file /usr/local/etc/lmhosts. Error was No such file or directory resolve_wins: WINS server resolution selected and no WINS servers listed. resolve_hosts: not appropriate for name type <0x1c> name_resolve_bcast: Attempting broadcast lookup for name workgroup<0x1c> get_dc_list: no servers found ads_find_dc: name resolution for realm '' (domain 'workgroup') failed: NT_STATUS_NO_LOGON_SERVERS saf_fetch: failed to find server for "workgroup" domain get_dc_list: preferred server list: ", *" no entry for workgroup#1C found. resolve_lmhosts: Attempting lmhosts lookup for name workgroup<0x1c> startlmhosts: Can't open lmhosts file /usr/local/etc/lmhosts. Error was No such file or directory resolve_wins: WINS server resolution selected and no WINS servers listed. resolve_hosts: not appropriate for name type <0x1c> name_resolve_bcast: Attempting broadcast lookup for name workgroup<0x1c> get_dc_list: no servers found Could not look up dc's for domain workgroup ads_connect: No logon servers are currently available to service the logon request. Join to domain is not valid: No logon servers are currently available to service the logon request. return code = -1 root@CNAS05:~ # wbinfo -t checking the trust secret for domain CNM via RPC calls failed wbcCheckTrustCredentials(CNM): error code was NT_STATUS_NO_SUCH_DOMAIN (0xc00000df) failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR Could not check secret root@CNAS05:~ # wbinfo -m BUILTIN CNAS05
Web GUI shows this:
Any help would be much appreciated.
Thanks
Andrew