Refresh connection with Active Directory upon restart

[Dotty]

Lets say I have a FreeNAS box using Active Directory (so I can assign permissions to shares based on Windows Domain).
Now, lets say the FreeNAS box restart and when it comes back online, for whatever reason, the Domain Controller is not available until a few minutes later.
Upon restart, FreeNAS will complain saying the domain is not available, etc,, later the Domain Controller shows up, but by that time FreeNAs is already not working with the Domain anymore.

At that point, if I go into the GUI "Directory| Active Directory" I can just put the Domain password again and tick the checkbox for "enable" and then the FreeNAS Directory connection works again.
But that is a manual process,,
How can I get FreeNAS to try automatically and see if the Domain Controller is back online and do that automatically?

Why is this important? because the FreeNAS itself might be the Domain Controller (with a VM running Windows Server), and we know that we can make the VM start up automatically immediately after FreeNAS boot up, but I havent found how to delay the Directory part on FreeNAS until the VM is up, or how to make FreeNAS try again after a few minutes.

Im open, any idea is welcomed.

 

[dlavigne]

You could create a feature request at bugs.freenas.org. If you do, post the issue number here.

 

[Dotty]

You could create a feature request at bugs.freenas.org. If you do, post the issue number here.

This doesnt sound like a feature request,, sounds like a bug.
If you add some functionality on a software involving external elements, arent you supposed to test what happen if the elements involved are not available until few minutes later?
I would understand about kerberos authentication against one DC when there are multiple or some other cluster-related issues that sounds like "advanced" scenarios.
(found a bunch of issues there, by the way), but been able to reconnect to a DC that was unavailable upon boot?
That's scary,, makes me thing that one day FreeNAS wont accept my root password, or some other basic thing like that.

 

[Dieter Toews]

I was just googling /forum serching around and found this thread... this is exactly my problem.

in my case i've got my domain controller (zentyal)(Samba) in a vm. That vm is running on my freenas box under virtualbox...

becuase the freenas box always comes up before the domin controller it always unjoins itself from the domain :-( looking at the above post it seems like there is no workaround that tells freenas to keep polling for the domain controller at intervals.... is there?

FYI Dotty: FreeNAS remembers the password between reboots - you just need to click enable and save. I've othen clicked "rebuild directory service cache" in a sort of uninformed hopeful way after that...

 

[koifish59]

I'm getting this same exact problem. After ever restart, FreeNAS will unbind from the Active Directory and will not bind again until I manually rebind from the GUI. rebinding is simple, but it's just annoying that I have to manually do this before users can access their files.

 

[Dotty]

I'm getting this same exact problem. After ever restart, FreeNAS will unbind from the Active Directory and will not bind again until I manually rebind from the GUI. rebinding is simple, but it's just annoying that I have to manually do this before users can access their files.

Yeap, Imagine if you are vacation when that box reboots.
Ops, the whole office down, just because there was no QA on this little piece.

 

[dlavigne]

Which stresses the importance of reporting bugs. It was reported 6 days ago and is slated to be fixed in the next update. The bug is here: https://bugs.freenas.org/issues/22390 but currently set to private as the user included their debug.

 

[Dotty]

Which stresses the importance of reporting bugs. It was reported 6 days ago and is slated to be fixed in the next update. The bug is here: https://bugs.freenas.org/issues/22390 but currently set to private as the user included their debug.

Yes,, but since couple updates ago all of the sudden we dont have VirtualBox, now some of us cannot update to the "latest and greatest" because they took our lollipop, without warning.

 

[Ericloewe]

Yes,, but since couple updates ago all of the sudden we dont have VirtualBox, now some of us cannot update to the "latest and greatest" because they took our lollipop, without warning.

Virtualbox was always experimental. It's also a very crappy VM solution on any platform, to make things worse. Definitely not suitable for any environment where AD is a thing.

 

[Dotty]

Virtualbox was always experimental. It's also a very crappy VM solution on any platform, to make things worse. Definitely not suitable for any environment where AD is a thing.

With all due respect.
Then they shouldn't have put it there to begin with, dont you think?
There is a reason why we run "stable" releases,, if I would want to run "beta" I would download the betas, then I would understand the "experimental" and the "Crappy" part.
(I would never complain about FreeNAS 10, until it leaves Beta stage)
Usually, when the solutions are experimental, are either, specified on the versioning (ex. 0.34.2 , 0.34.3 etc) or explicitly said in big red letters on the pertinent screens.

Actually, VirtualBox works very well on a FreeNAS jail, I have a couple of sites with Domain Controllers (replicas) running 2012 and configured properly with Sites and Services (set up there to keep up logon process at the branch office) and they work really well, they sync with the primary site over VPN, they shut down gratefully when the jail comes down, they come back online automatically, etc. No complain about that. I monitor them from an instance on AWS and the only hiccups I see is when there are power outages at the branches. the VM doesnt suffer, because the FreeNAS is connected to an UPS and sensing the state vial USB, then 10 minutes into the power outage the FreeNAS initiates a grateful shutdown of everything, and when power comes back everything comes back online again.

I do complain that the "stable" AD Connection feature of FreeNAS is not reliable, and the moment it is advertised as fixed, then a different, working feature, was deprecated with nothing to replace it.
Nice.
I dont think it has to do with Crappy VirtualBox (I do thank the porter for it, truly), but more with the Crappy AD support on FreeNAS.
(BTW, I tested AD support with Samba on FreeBSD and works great, not sure why on FreeNAS didnt work well)