lord.nemesi
Cadet
- Joined
- May 13, 2013
- Messages
- 6
Hi Guys,
I'm not able to start AD service in freenas 8.3.1 cause on my server 2008 R2 DC I enabled ldap signing. Without ldap signign everything works but, if is it possible, I don't wanna to disable. I already added this line to the [global] section of smb.conf but nothing has changed:
This is the log after trying to start ad service:
Any idea? Thanks in advance.
I'm not able to start AD service in freenas 8.3.1 cause on my server 2008 R2 DC I enabled ldap signing. Without ldap signign everything works but, if is it possible, I don't wanna to disable. I already added this line to the [global] section of smb.conf but nothing has changed:
Code:
client ldap sasl wrapping = sign
This is the log after trying to start ad service:
May 14 09:15:40 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
May 14 09:15:42 freenas notifier: dbus not running? (check /var/run/dbus/dbus.pid).
May 14 09:15:42 freenas notifier: Will not 'restart' dbus because dbus_enable is NO.
May 14 09:15:42 freenas notifier: Stopping avahi-daemon.
May 14 09:15:42 freenas notifier: Failed to kill daemon: No such file or directory
May 14 09:15:42 freenas notifier: Will not 'restart' avahi_daemon because avahi_daemon_enable is NO.
May 14 09:15:43 freenas notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
May 14 09:15:43 freenas notifier: Stopping smbd.
May 14 09:15:43 freenas notifier: Waiting for PIDS: 2029.
May 14 09:15:43 freenas notifier: Stopping nmbd.
May 14 09:15:43 freenas notifier: Waiting for PIDS: 2026.
May 14 09:15:43 freenas notifier: False
May 14 09:15:43 freenas ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
May 14 09:15:43 freenas ActiveDirectory: AD_init: binddn = Administrator@NETECO.LAN
May 14 09:15:43 freenas ActiveDirectory: AD_locate_domain_controllers: domain=neteco.lan, site=
May 14 09:15:43 freenas ActiveDirectory: AD_locate_domain_controllers: record=_ldap._tcp.dc._msdcs.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_records: host=_ldap._tcp.dc._msdcs.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_records: dig -t srv +short +nocomments _ldap._tcp.dc._msdcs.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_host: trying fragserver.neteco.lan:389
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_host: Okay
May 14 09:15:43 freenas ActiveDirectory: AD_init: dchost = fragserver.neteco.lan, dcport = 389
May 14 09:15:43 freenas ActiveDirectory: AD_query_rootDSE: filter = (objectclass=*), attributes =
May 14 09:15:43 freenas notifier: ldap_bind: Strong(er) authentication required (8)
May 14 09:15:43 freenas notifier: additional info: 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1
May 14 09:15:43 freenas ActiveDirectory: AD_init: basedn =
May 14 09:15:43 freenas ActiveDirectory: AD_query_rootDSE: filter = (objectclass=*), attributes =
May 14 09:15:43 freenas notifier: ldap_bind: Strong(er) authentication required (8)
May 14 09:15:43 freenas notifier: additional info: 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1
May 14 09:15:43 freenas ActiveDirectory: AD_query_rootDSE: filter = (objectclass=*), attributes = dnsRoot
May 14 09:15:43 freenas notifier: ldap_bind: Strong(er) authentication required (8)
May 14 09:15:43 freenas notifier: additional info: 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1
May 14 09:15:43 freenas ActiveDirectory: AD_get_partition: config = , basedn = CN=Partitions,, ncname =
May 14 09:15:43 freenas ActiveDirectory: AD_query: basedn = CN=Partitions,, filter = ncname=, attributes = ncname= dnsRoot
May 14 09:15:43 freenas ActiveDirectory: AD_locate_domain_global_catalog_servers: domain=, site=
May 14 09:15:43 freenas ActiveDirectory: AD_init: gchost = , gcport = 3268
May 14 09:15:43 freenas ActiveDirectory: AD_locate_kerberos_servers: domain=neteco.lan, proto=, site=
May 14 09:15:43 freenas ActiveDirectory: AD_locate_kerberos_servers: record=_kerberos._udp.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_records: host=_kerberos._udp.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_records: dig -t srv +short +nocomments _kerberos._udp.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_host: trying fragserver.neteco.lan:88
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_host: Okay
May 14 09:15:43 freenas ActiveDirectory: AD_init: krbhost = fragserver.neteco.lan, krbport = 88
May 14 09:15:43 freenas ActiveDirectory: AD_locate_kpasswd_servers: domain=neteco.lan, proto=, site=
May 14 09:15:43 freenas ActiveDirectory: AD_locate_kpasswd_servers: record=_kpasswd._udp.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_records: host=_kpasswd._udp.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_records: dig -t srv +short +nocomments _kpasswd._udp.neteco.lan
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_host: trying fragserver.neteco.lan:464
May 14 09:15:43 freenas ActiveDirectory: __get_SRV_host: Okay
May 14 09:15:44 freenas ActiveDirectory: AD_init: kpwdhost = fragserver.neteco.lan, kpwdport = 464
May 14 09:15:44 freenas ActiveDirectory: generate_krb5_conf: krbhost=fragserver.neteco.lan, kpwdhost=fragserver.neteco.lan, domainname=neteco.lan
May 14 09:15:44 freenas ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
May 14 09:15:44 freenas ActiveDirectory: /usr/sbin/service ix-pam quietstart
May 14 09:15:44 freenas ActiveDirectory: /usr/sbin/service ix-kinit quietstart
May 14 09:15:44 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:44 freenas ActiveDirectory: kerberos_start: kinit --password-file=/tmp/tmp.jZazIKlf Administrator@NETECO.LAN
May 14 09:15:44 freenas ActiveDirectory: kerberos_start: Successful
May 14 09:15:54 freenas ActiveDirectory: /usr/sbin/service ix-kinit status
May 14 09:15:55 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:55 freenas ActiveDirectory: kerberos_status: klist -l | grep -q ^Administrator@NETECO.LAN
May 14 09:15:55 freenas ActiveDirectory: kerberos_status: Successful
May 14 09:15:55 freenas ActiveDirectory: /usr/sbin/service ix-samba quietstart
May 14 09:15:55 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:55 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: checking testparm issues
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: Load smb config files from /usr/local/etc/smb.conf
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The "idmap uid" option is deprecated
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The "idmap gid" option is deprecated
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: Loaded services file OK.
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The setting 'security=ads' should NOT be combined with the 'password server' parameter.
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: (by default Samba will discover the correct DC to contact automatically).
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: Server role: ROLE_DOMAIN_MEMBER
May 14 09:15:55 freenas ActiveDirectory: generate_smb_config: testparm: Press enter to see a dump of your service definitions
May 14 09:15:55 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
May 14 09:15:57 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:57 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: checking testparm issues
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: Load smb config files from /usr/local/etc/smb.conf
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The "idmap uid" option is deprecated
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The "idmap gid" option is deprecated
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: Loaded services file OK.
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The setting 'security=ads' should NOT be combined with the 'password server' parameter.
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: (by default Samba will discover the correct DC to contact automatically).
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: Server role: ROLE_DOMAIN_MEMBER
May 14 09:15:57 freenas ActiveDirectory: generate_smb_config: testparm: Press enter to see a dump of your service definitions
May 14 09:15:58 freenas notifier: Removing stale Samba tdb files: ....... done
May 14 09:15:58 freenas notifier: Starting nmbd.
May 14 09:15:58 freenas notifier: Starting smbd.
May 14 09:15:58 freenas notifier: Starting winbindd.
May 14 09:15:58 freenas notifier: True
May 14 09:15:58 freenas ActiveDirectory: /usr/sbin/service ix-activedirectory quietstart
May 14 09:15:58 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:15:58 freenas ActiveDirectory: activedirectory_start: trying to join domain
May 14 09:15:58 freenas ActiveDirectory: AD_join_domain: net ads join -U Administrator
May 14 09:16:01 freenas notifier: Using short domain name -- NETECO
May 14 09:16:01 freenas notifier: Joined 'FREENAS' to dns domain 'neteco.lan'
May 14 09:16:01 freenas ActiveDirectory: AD_join_domain: Successful
May 14 09:16:01 freenas ActiveDirectory: /usr/sbin/service ix-activedirectory status
May 14 09:16:02 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:16:02 freenas ActiveDirectory: activedirectory_status: checking status
May 14 09:16:02 freenas ActiveDirectory: AD_status_domain: net ads status -U Administrator
May 14 09:16:03 freenas ActiveDirectory: AD_status_domain: Okay
May 14 09:16:03 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
May 14 09:16:05 freenas notifier: dbus not running? (check /var/run/dbus/dbus.pid).
May 14 09:16:05 freenas notifier: Will not 'restart' dbus because dbus_enable is NO.
May 14 09:16:05 freenas notifier: Stopping avahi-daemon.
May 14 09:16:05 freenas notifier: Failed to kill daemon: No such file or directory
May 14 09:16:05 freenas notifier: Will not 'restart' avahi_daemon because avahi_daemon_enable is NO.
May 14 09:16:05 freenas notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
May 14 09:16:05 freenas notifier: Stopping smbd.
May 14 09:16:05 freenas notifier: Waiting for PIDS: 6137.
May 14 09:16:05 freenas notifier: Stopping nmbd.
May 14 09:16:05 freenas notifier: Waiting for PIDS: 6133.
May 14 09:16:05 freenas notifier: False
May 14 09:16:05 freenas ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
May 14 09:16:07 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:16:07 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: checking testparm issues
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: Load smb config files from /usr/local/etc/smb.conf
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The "idmap uid" option is deprecated
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The "idmap gid" option is deprecated
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: Loaded services file OK.
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: WARNING: The setting 'security=ads' should NOT be combined with the 'password server' parameter.
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: (by default Samba will discover the correct DC to contact automatically).
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: Server role: ROLE_DOMAIN_MEMBER
May 14 09:16:07 freenas ActiveDirectory: generate_smb_config: testparm: Press enter to see a dump of your service definitions
May 14 09:16:07 freenas notifier: Removing stale Samba tdb files: ...... done
May 14 09:16:07 freenas notifier: Starting nmbd.
May 14 09:16:07 freenas notifier: Starting smbd.
May 14 09:16:07 freenas notifier: Starting winbindd.
May 14 09:16:07 freenas notifier: True
May 14 09:16:07 freenas ActiveDirectory: /usr/sbin/service ix-cache quietstart &
May 14 09:16:08 freenas notifier: No handlers could be found for logger "common.freenasusers"
May 14 09:16:09 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:16:09 freenas ActiveDirectory: kerberos_status: klist -l | grep -q ^Administrator@NETECO.LAN
May 14 09:16:09 freenas ActiveDirectory: kerberos_status: Successful
May 14 09:16:09 freenas ActiveDirectory: AD_init: config exists, loading values from /etc/ActiveDirectory/config
May 14 09:16:09 freenas ActiveDirectory: activedirectory_status: checking status
May 14 09:16:09 freenas ActiveDirectory: AD_status_domain: net ads status -U Administrator
May 14 09:16:12 freenas ActiveDirectory: AD_status_domain: Okay
Any idea? Thanks in advance.