RegularJoe
Hi All,
I am running FreeNAS-11.2-U5(Build Date: Jun 24, 2019 18:41) on a VMware cluster running Intel Xeon processors.
FreeBSD fspub1.na.avonroot.lan 11.2-STABLE FreeBSD 11.2-STABLE #0 r325575+6aad246318c(HEAD): Mon Jun 24 17:25:47 UTC 2019 root@nemesis:/freenas-releng/freenas/_BE/objs/freenas-releng/freenas/_BE/os/sys/FreeNAS.amd64 amd64
This is kicking my butt. I have a virtual FreeNAS server running in VMware ESXi with a static IP address. I am trying to add it to a 2003 Active Directory domain that has multiple sites and trusts. I only want to use users from the local domain and set up a public server.
The first few questions should be easy for someone to answer:
1) With each change I make, do I need to reboot the FreeNAS server, i.e. AD, Samba, DNS servers, NTP servers?
2) Is there one location or a series of commands I can use to completely zero what changes I have attempted, i.e. delete the /custom/apps/samba4/config/*?
3) I am trying this in the legacy interface; is that 100% broken for adding a FN box to AD?
4) Should I use an older or beta version of FreeNAS that is known to work?
So far:
1) assign the NTP server to one of the local AD servers and verify the date on the FreeNAS box
2) set the time zone correctly
3) use the Windows AD server for DNS and set the host name and domain to match AD
4) create the DNS A record in DNS and verify the reverse DNS record is created
5) from the FreeNAS host and other hosts verify you can ping hostname and FQDN of the FreeNAS box
6) from the FreeNAS box verify you can ping the domain by name
In Services SMB:
1) local Master disabled
2) Domain logins unchecked
Here are the /var/log/messages errors:
Jul 22 10:25:05 fspub1 ActiveDirectory: /usr/local/bin/python /usr/local/bin/midclt call notifier.stop cifs
Jul 22 10:25:07 fspub1 ActiveDirectory: /usr/sbin/service ix-hostname quietstart
Jul 22 10:25:07 fspub1 ActiveDirectory: /usr/sbin/service ix-kerberos quietstart default NA.AVONROOT.LAN
Jul 22 10:25:07 fspub1 ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Jul 22 10:25:08 fspub1 ActiveDirectory: /usr/sbin/service ix-ldap quietstart
Jul 22 10:25:08 fspub1 ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Jul 22 10:25:09 fspub1 ActiveDirectory: kerberos_start: /usr/bin/kinit --renewable --password-file=/tmp/tmp.VB62jfnI svc-FN@NA.AVONROOT.LAN
Jul 22 10:25:10 fspub1 ActiveDirectory: kerberos_start: Successful
Jul 22 10:25:10 fspub1 ActiveDirectory: /usr/sbin/service ix-kinit status
Jul 22 10:25:11 fspub1 ActiveDirectory: kerberos_status: klist -t
Jul 22 10:25:11 fspub1 ActiveDirectory: kerberos_status: Successful
Jul 22 10:25:11 fspub1 ActiveDirectory: /usr/local/bin/python /usr/local/bin/midclt call notifier.start cifs
Jul 22 10:25:17 fspub1 ActiveDirectory: /usr/sbin/service ix-activedirectory quietstart
Jul 22 10:25:19 fspub1 ActiveDirectory: activedirectory_start: checking if we are joined already
Jul 22 10:25:19 fspub1 ActiveDirectory: AD_testjoin_domain: net -k ads testjoin NA.AVONROOT.LAN -S 192.168.180.126 -p 389
Jul 22 10:25:20 fspub1 ActiveDirectory: AD_testjoin_domain: Failed
Jul 22 10:25:20 fspub1 ActiveDirectory: activedirectory_start: trying to join domain
Jul 22 10:25:20 fspub1 ActiveDirectory: AD_join_domain: net -k ads join NA.AVONROOT.LAN -S 192.168.180.126 -p 389
Jul 22 10:25:22 fspub1 ActiveDirectory: AD_join_domain: Failed
Jul 22 10:25:23 fspub1 uwsgi: [middleware.exceptions:36] [MiddlewareError: Active Directory failed to reload.]
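Added example, not part of the original post and not FreeNAS code: a Python triage of the ActiveDirectory lines in the log above, pairing each logged command with its Successful/Failed result to show which stage actually blocks the join. The function names and hint wording are assumptions of this example; the log lines are copied from the post.

```python
import re

# Stage lines copied from the post's /var/log/messages excerpt.
SAMPLE_LOG = """\
Jul 22 10:25:09 fspub1 ActiveDirectory: kerberos_start: /usr/bin/kinit --renewable --password-file=/tmp/tmp.VB62jfnI svc-FN@NA.AVONROOT.LAN
Jul 22 10:25:10 fspub1 ActiveDirectory: kerberos_start: Successful
Jul 22 10:25:19 fspub1 ActiveDirectory: activedirectory_start: checking if we are joined already
Jul 22 10:25:19 fspub1 ActiveDirectory: AD_testjoin_domain: net -k ads testjoin NA.AVONROOT.LAN -S 192.168.180.126 -p 389
Jul 22 10:25:20 fspub1 ActiveDirectory: AD_testjoin_domain: Failed
Jul 22 10:25:20 fspub1 ActiveDirectory: activedirectory_start: trying to join domain
Jul 22 10:25:20 fspub1 ActiveDirectory: AD_join_domain: net -k ads join NA.AVONROOT.LAN -S 192.168.180.126 -p 389
Jul 22 10:25:22 fspub1 ActiveDirectory: AD_join_domain: Failed
"""
# Line shape: "<date> <host> ActiveDirectory: <stage>: <command or result>"
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]+) (\S+) ActiveDirectory: (\w+): (.*)$")

def parse_stages(log_text):
    """Pair each '<stage>: <command>' line with its '<stage>: Successful|Failed'."""
    pending, stages = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # 'service ix-* quietstart' and non-AD lines carry no result
        ts, _host, stage, msg = m.groups()
        if msg in ("Successful", "Failed"):
            stages.append({"time": ts, "stage": stage, "ok": msg == "Successful",
                           "command": pending.pop(stage, None)})
        else:
            pending[stage] = msg  # remember the command until its result arrives
    return stages

def diagnose(stages):
    """Return (blocking_stage, hint); the hint text is this example's own wording."""
    names = [s["stage"] for s in stages]
    kerberos_ok = any(s["stage"] == "kerberos_start" and s["ok"] for s in stages)
    for s in stages:
        if s["ok"]:
            continue
        # A failed testjoin only means "not joined yet" when a join attempt follows.
        if s["stage"] == "AD_testjoin_domain" and "AD_join_domain" in names:
            continue
        if kerberos_ok and s["stage"].startswith("AD_"):
            return s["stage"], ("kinit succeeded, so the KDC answered and accepted the "
                                "account; the failure is in: " + str(s["command"]))
        return s["stage"], "earliest failed stage; fix it before later ones"
    return None, "all logged stages succeeded"

if __name__ == "__main__":
    print(diagnose(parse_stages(SAMPLE_LOG)))
```

On this log the blocking stage is AD_join_domain: the ticket request for svc-FN succeeded, and the log records only "Failed" for the join command without its error text.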