I have had a IXSystems FreeNAS Mini working in our Active Directory environment for a few months without issue.
I decided to purchase a second FreeNas Mini to do real-time zfs syncing of the first. I went through the setup wizard and set things up for Active Directory. I changed the hostname to something different than the default "freenas" and then went into Directory Services -> Active Directory and clicked "enable."
This caused the second device to join the domain, but somehow keeping the original "freenas" hostname, thus overwriting the connection the first freenas system used. This immediately broke all the network share connections that my users were using. :(
I immediately shut down the new freenas server, deleted the freenas computer account in Active Directory, and then disabled and re-enabled "Active Directory" on the original freenas server to have the computer account re-created.
However, this did not completely fix things. I can only access shares on the original freenas server using its ip address now. Attempts to use the name result in "access denied" errors, and I'm seeing lots of these from the console:
STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/FREENAS.intranet.domain.com@INTRANET.DOMAIN.COM(kvno 28) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]
(I replaced domain with our actual domain)
I never set up keytab. I just used the web gui to join the domain. The Kerberose keytab settings are blank in the gui.
This isn't a DNS issue either -- I can ping "freenas".
Does anyone know what's going on here?
I decided to purchase a second FreeNas Mini to do real-time zfs syncing of the first. I went through the setup wizard and set things up for Active Directory. I changed the hostname to something different than the default "freenas" and then went into Directory Services -> Active Directory and clicked "enable."
This caused the second device to join the domain, but somehow keeping the original "freenas" hostname, thus overwriting the connection the first freenas system used. This immediately broke all the network share connections that my users were using. :(
I immediately shut down the new freenas server, deleted the freenas computer account in Active Directory, and then disabled and re-enabled "Active Directory" on the original freenas server to have the computer account re-created.
However, this did not completely fix things. I can only access shares on the original freenas server using its ip address now. Attempts to use the name result in "access denied" errors, and I'm seeing lots of these from the console:
STATUS=daemon 'smbd' finished starting up and ready to serve connectionsgss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/FREENAS.intranet.domain.com@INTRANET.DOMAIN.COM(kvno 28) in keytab MEMORY:cifs_srv_keytab (arcfour-hmac-md5)]
(I replaced domain with our actual domain)
I never set up keytab. I just used the web gui to join the domain. The Kerberose keytab settings are blank in the gui.
This isn't a DNS issue either -- I can ping "freenas".
Does anyone know what's going on here?
Last edited: