Trouble Integrating with Active Directory

[Michael Hodge]

I've been having trouble integrating FreeNAS with Active Directory. Every time I try to boot up the service it gives me an error "The service could not be started". I'm not sure where to begin, I have tried just about everything when trying to connect. I have AD running on Windows Server 2008 R2. Do I need any of the advance options filled out? I have tried it with the advanced options completely filled with information, with just the domain controller filled in and without any information. I also have no idea what to put for the workgroup since I though you can either be apart of a domain or a workgroup but not both. I'm not sure what else I should include in here, but if you need any more information please feel free to ask.

This is the output from the console when I try to start the service:

Oct 15 15:35:24 FreeNAS notifier: Starting nmbd.
Oct 15 15:35:24 FreeNAS notifier: Starting smbd.
Oct 15 15:35:24 FreeNAS notifier: Starting winbindd.
Oct 15 15:35:24 FreeNAS winbindd[29472]: [2013/10/15 15:35:24.259126, 0] winbindd/winbindd_util.c:635(init_domain_list)
Oct 15 15:35:24 FreeNAS winbindd[29472]: Could not fetch our SID - did we join?
Oct 15 15:35:24 FreeNAS winbindd[29472]: [2013/10/15 15:35:24.259251, 0] winbindd/winbindd.c:1108(winbindd_register_handlers)
Oct 15 15:35:24 FreeNAS winbindd[29472]: unable to initialize domain list
Oct 15 15:35:24 FreeNAS ActiveDirectory: /usr/sbin/service ix-activedirectory quietstart
Oct 15 15:35:27 FreeNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Oct 15 15:35:28 FreeNAS notifier: Stopping dbus.
Oct 15 15:35:28 FreeNAS avahi-daemon[28037]: Disconnected from D-Bus, exiting.
Oct 15 15:35:28 FreeNAS notifier: Waiting for PIDS: 28008.
Oct 15 15:35:28 FreeNAS notifier: dbus not running? (check /var/run/dbus/dbus.pid).
Oct 15 15:35:28 FreeNAS notifier: Starting dbus.
Oct 15 15:35:28 FreeNAS notifier: Stopping avahi-daemon.
Oct 15 15:35:28 FreeNAS notifier: Failed to kill daemon: No such file or directory
Oct 15 15:35:28 FreeNAS notifier: Stopping avahi-daemon.
Oct 15 15:35:28 FreeNAS notifier: Failed to kill daemon: No such file or directory
Oct 15 15:35:28 FreeNAS notifier: Starting avahi-daemon.
Oct 15 15:35:28 FreeNAS avahi-daemon[29803]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Oct 15 15:35:28 FreeNAS notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Oct 15 15:35:28 FreeNAS notifier: Stopping smbd.
Oct 15 15:35:29 FreeNAS notifier: Waiting for PIDS: 29466, 29466.
Oct 15 15:35:29 FreeNAS notifier: Stopping nmbd.
Oct 15 15:35:29 FreeNAS notifier: Waiting for PIDS: 29462.
Oct 15 15:35:29 FreeNAS ActiveDirectory: /usr/sbin/service ix-kerberos quietstop
Oct 15 15:35:29 FreeNAS ActiveDirectory: /usr/sbin/service ix-nsswitch quietstop
Oct 15 15:35:30 FreeNAS ActiveDirectory: /usr/sbin/service ix-pam quietstop
Oct 15 15:35:30 FreeNAS ActiveDirectory: /usr/sbin/service ix-kinit forcestop
Oct 15 15:35:30 FreeNAS ActiveDirectory: /usr/sbin/service ix-activedirectory forcestop
Oct 15 15:35:31 FreeNAS ActiveDirectory: /usr/sbin/service ix-cache quietstop &
Oct 15 15:35:32 FreeNAS ActiveDirectory: /usr/sbin/service samba forcestop
Oct 15 15:35:32 FreeNAS ActiveDirectory: /usr/sbin/service ix-samba start
Oct 15 15:35:33 FreeNAS ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py start cifs
Oct 15 15:35:34 FreeNAS notifier: dbus already running? (pid=29774).
Oct 15 15:35:34 FreeNAS notifier: Starting avahi-daemon.
Oct 15 15:35:34 FreeNAS notifier: Daemon already running on PID 29803
Oct 15 15:35:34 FreeNAS notifier: Removing stale Samba tdb files: ...... done
Oct 15 15:35:34 FreeNAS notifier: Starting nmbd.
Oct 15 15:35:34 FreeNAS notifier: Starting smbd.

If anyone could please help I would really appreciate it.

 

[dlavigne]

Do any of the tips at http://doc.freenas.org/index.php/Directory_Services#Troubleshooting_Tips resolve the issue? Also, in the Active Directory settings, try not using caps in the domain name, using all caps in the netbios name and check the workgroup name.

 

[berrick]

Hi,

I guess you have already tried these?

• Ensure time is the same on both the NAS and AD boxes
• DNS is functioning, you can ping AD by name
• It is important to ensure the new option under
  • Setting
  • General
    • Directory Service is set to Active Directory

The AD setup is as follows in Directory Service setup

o domain name as follows your (lowercase) domainname.com​

o net bios name in caps (hostname of FreeNas box) FREENAS​

o workgroup name in caps (old style) DOMAINNAME​

 

[Michael Hodge]

Thanks for the help guys. I reall appreciate it. It ended up being that I needed to have the workgroup as just the beginning of my domain with no .com or .net at the end and all lower case. Now I have been having problems trying to get my folders to deny users access unless they have permission. For some reason it lets everyone read, write and execute even when they don't have permission. It seems that discussion is for another thread though. Thanks again your suggestions really helped.