Unable to find Domain Controllers for <domain>

Status
Not open for further replies.
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
I have a stable fully functional version of 9.10-STABLE which I want to upgrade to 9.10.2-U3. I CAN perform the upgrade but AD functionality is lost. An examination of debug.log shows

May 14 14:47:36 ParadigmRAID manage.py: [common.freenasldap:1150] FreeNAS_ActiveDirectory_Base.get_SRV_records: looking up SRV records for _ldap._tcp.dc._msdcs.paradigm.local
May 14 14:48:06 ParadigmRAID manage.py: [common.freenasldap:1162] FreeNAS_ActiveDirectory_Base.get_SRV_records: no SRV records for _ldap._tcp.dc._msdcs.paradigm.local found, fail!

If I then modify resolv.conf to include the ip address of the domain's nameserver I can get a SRV record using the cli command
host -t srv _ldap._tcp.dc._msdcs.paradigm.local
this results in
_ldap._tcp.dc._msdcs.paradigm.local has SRV record 0 100 389 vpfmdc01.paradigm.local (This is the AD DC)

I am using SMB shares which I can see from my Windows 7 machine but I am unable to access them due to (I suspect) not being able to authenticate to the DC as freenas can's see it. Note that the change to resolv.conf does not allow freenas to save the AD configuration - I still get the "Unable to find Domain controllers..." message.

People elsehere in the forum has said that this is fixed in 9.11 but there is no upgrade path from 9.10-STABLE to 9.11 (I tried) so I'm stuck.

Any thoughts/suggestion would be great.
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
P.S. I've just tired the vaious "net ads" commands and their all coming back as ads_connect: No logon servers
This is after changing the resolve.conf and successfully getting a SRV record
 
D

dlavigne

Guest
Ian Carson said:
People elsehere in the forum has said that this is fixed in 9.11 but there is no upgrade path from 9.10-STABLE to 9.11 (I tried) so I'm stuck..
Click to expand...

Use the FreeNAS-11-STABLE train to update to 11.
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
dlavigne said:
Use the FreeNAS-11-STABLE train to update to 11.
Click to expand...

When I select FreeNAS-11-STABLE from the train combobox and then do a "CheckNow" I get the following error

Update Server could not be reached. Cannot upgrade from FreeNAS-9.10-STABLE-201606270534 to FreeNAS 11

I guess this could mean that the upgrade is not possible because the server cannot be reached and not that the upgrade is intrinsically impossible between 9.10-STABLE and 9.11. Having said that my connectivity to the rest of the internet seems intact. Has anyone else seen this connectivity error?
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Traceback from the attemped "Check Now" on the GUI update page shows:

Traceback (most recent call last):
File "/usr/local/www/freenasUI/../freenasUI/system/views.py", line 1448, in update_check
train=updateobj.get_train(),
File "/usr/local/lib/freenasOS/Update.py", line 821, in CheckForUpdates
new_manifest.RunValidationProgram(cache_dir)
File "/usr/local/lib/freenasOS/Manifest.py", line 627, in RunValidationProgram
raise Exceptions.UpdateInvalidUpdateException(err.output.rstrip())
UpdateInvalidUpdateException: 'Cannot upgrade from FreeNAS-9.10-STABLE-201606270534 to FreeNAS 11
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Right... Just tried again with the correct Train name

freenas-update -T FreeNAS-11-STABLE -v check

Note the last line says
" Update not permitted: Cannot upgrade from FreeNAS-9.10-STABLE-201606270534 to FreeNAS 11"

Does this mean I need to boot into 9.10.2-U3 before I can move the train and do an update to 11?

The full output was:

Code:
TryGetNetworkFile(['http://update-master.freenas.org/FreeNAS/FreeNAS-11-STABLE/LATEST'])											
TryGetNetworkFile(['http://update-master.freenas.org/FreeNAS/FreeNAS-11-STABLE/LATEST']):  Read 2347 bytes total					
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem'])																
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem']):  Read 1028 bytes total										
Verify command = ['/usr/local/libexec/verify_signature', '-K', '/usr/local/share/certs/freenas-update.pem', '-C', '/usr/local/share/
certs/iX-CA.pem', '-S', u'JHiTSC2BUyXxKnPOiEiIcZyADfV3oQBmgxWV57v02+QXF4UHuQLrxJM+FR/EqQpk9qi4c2dX+8MU+wv2Ek5TBce+fEuQ0hkCNJdSmgrOiu
gLr6JadnMRKaAJgVJxKrDU5v2U7Jatsg834euk+bxIVT3RGkC1JOXms3XUV1nPeBkigFOre6n3GAAjUxnpKKv12TkwcUe4rK1fjeyXdcr3ZxExJZIum7aRB1TkydVVI/kfPH
aWZyjRdZRa85xnkuXPEI+rlwa5NZ1PXLuBU9pMBfwoYVDD+V+Se3PxX9JPfjHMdE5tvkopK6ZvunVAu5pFtSZ7EkLqVlxfjIjubyaYOg==', '-R', '/tmp/tmpIuQ5qx.p
em']																																
Signature check succeeded																										
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem'])																
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem']):  Read 1028 bytes total										
Verify command = ['/usr/local/libexec/verify_signature', '-K', '/usr/local/share/certs/freenas-update.pem', '-C', '/usr/local/share/
certs/iX-CA.pem', '-S', u'HQnXfkcvWMYPHotZ7d8oZ4L/DhYPRBxbdqQ/9A46f9NkiD//PyPdLXLtseZ0bH1VcnEupdoYWi8GB29jvdeAsEosHG7ePxiuWdRV5FT5ek
UcmxvLkhBxGOidGxmlP6Hpf120Nwt+y/xiHUpJFJk9OEnq1nEtbjNjc2dShyebcK8uSy6fzHk5EGW5XHYm7IRvEPiVYqgkEwkfdVLcgEBD515F6eYdMmD6ud/YdJpu3rjpGv
gRAH+Hm8veDGtRlLL1nQ1fRZH7a6MHVgq729v9bjG1pQqBygJAiLprrrvRwGx0kAippSWxFULifr/NvXy1tWTpmQi4zLSaR+dfSJ9Txw==', '-R', '/tmp/tmpWBT0RJ.p
em']																																
Signature check succeeded																										
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem'])																
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem']):  Read 1028 bytes total										
Verify command = ['/usr/local/libexec/verify_signature', '-K', '/usr/local/share/certs/freenas-update.pem', '-C', '/usr/local/share/
certs/iX-CA.pem', '-S', u'HQnXfkcvWMYPHotZ7d8oZ4L/DhYPRBxbdqQ/9A46f9NkiD//PyPdLXLtseZ0bH1VcnEupdoYWi8GB29jvdeAsEosHG7ePxiuWdRV5FT5ek
UcmxvLkhBxGOidGxmlP6Hpf120Nwt+y/xiHUpJFJk9OEnq1nEtbjNjc2dShyebcK8uSy6fzHk5EGW5XHYm7IRvEPiVYqgkEwkfdVLcgEBD515F6eYdMmD6ud/YdJpu3rjpGv
gRAH+Hm8veDGtRlLL1nQ1fRZH7a6MHVgq729v9bjG1pQqBygJAiLprrrvRwGx0kAippSWxFULifr/NvXy1tWTpmQi4zLSaR+dfSJ9Txw==', '-R', '/tmp/tmpW6Z1NI.p
em']																																
Signature check succeeded																										
Going to try checking cached manifest /var/db/system/update/MANIFEST																
Going to try loading manifest file now																							
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem'])																
TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem']):  Read 1028 bytes total										
Verify command = ['/usr/local/libexec/verify_signature', '-K', '/usr/local/share/certs/freenas-update.pem', '-C', '/usr/local/share/
certs/iX-CA.pem', '-S', u'HQnXfkcvWMYPHotZ7d8oZ4L/DhYPRBxbdqQ/9A46f9NkiD//PyPdLXLtseZ0bH1VcnEupdoYWi8GB29jvdeAsEosHG7ePxiuWdRV5FT5ek
UcmxvLkhBxGOidGxmlP6Hpf120Nwt+y/xiHUpJFJk9OEnq1nEtbjNjc2dShyebcK8uSy6fzHk5EGW5XHYm7IRvEPiVYqgkEwkfdVLcgEBD515F6eYdMmD6ud/YdJpu3rjpGv
gRAH+Hm8veDGtRlLL1nQ1fRZH7a6MHVgq729v9bjG1pQqBygJAiLprrrvRwGx0kAippSWxFULifr/NvXy1tWTpmQi4zLSaR+dfSJ9Txw==', '-R', '/tmp/tmp2AkCpE.p
em']																																
Signature check succeeded																										
Loaded manifest file																												
Cached manifest file has sequence 0449fefcfe064b30b82ac037398dc224, latest_manfest has sequence 7468dae17edac560997ce914e8c261cc	
Cached sequence is not the latest, so removing																					
TryGetNetworkFile([u'http://update.freenas.org/FreeNAS/Validators/ValidateUpdate-r01puF.txt', u'http://update-master.freenas.org/Fre
eNAS/Validators/ValidateUpdate-r01puF.txt'])																						
TryGetNetworkFile([u'http://update.freenas.org/FreeNAS/Validators/ValidateUpdate-r01puF.txt', u'http://update-master.freenas.org/Fre
eNAS/Validators/ValidateUpdate-r01puF.txt']):  Read 831 bytes total																
'Cannot upgrade from FreeNAS-9.10-STABLE-201606270534 to FreeNAS 11'																
Update not permitted:																											
Cannot upgrade from FreeNAS-9.10-STABLE-201606270534 to FreeNAS 11
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Also now concerned that the move to 11 is irrevocable and I wont be able to get back to 9.10-STABLE if 11 does not fix the issues with AD.

Is this a valid concern?
 
D

dlavigne

Guest
Ian Carson said:
Right... Just tried again with the correct Train name

freenas-update -T FreeNAS-11-STABLE -v check

Note the last line says
" Update not permitted: Cannot upgrade from FreeNAS-9.10-STABLE-201606270534 to FreeNAS 11"

Does this mean I need to boot into 9.10.2-U3 before I can move the train and do an update to 11?
Click to expand...

Yup.
 
D

dlavigne

Guest
Ian Carson said:
Also now concerned that the move to 11 is irrevocable and I wont be able to get back to 9.10-STABLE if 11 does not fix the issues with AD.

Is this a valid concern?
Click to expand...

Nope, not irrevocable. Simply reboot into your 9.10-STABLE boot environment.
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Ok then that's good.

I rebooted to 9.10-U3 and attempted the update.
I get
Update Server could not be reached

with the following traceback

Code:
Traceback (most recent call last):
File "/usr/local/www/freenasUI/../freenasUI/system/views.py", line 1460, in update_check
train=updateobj.get_train(),
File "/usr/local/www/freenasUI/../freenasUI/system/models.py", line 586, in get_train
trains = conf.AvailableTrains() or []
File "/usr/local/lib/freenasOS/Configuration.py", line 960, in AvailableTrains
fileref = self.TryGetNetworkFile(file=TRAIN_FILE, reason="FetchTrains")
File "/usr/local/lib/freenasOS/Configuration.py", line 728, in TryGetNetworkFile
raise url_exc
URLError: <urlopen error [Errno 8] hostname nor servname provided, or not known>


Now I'm also wondering if this is my AD issue resurfacing not allowing access to my gateway because the FreeNAS box is not properly on the domain?

I have added 8.8.8.8 to my nameserver list to no avail.
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
I can no longer ping update.freenas.org from the shell. It won't resolve
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Pinged from another machine to get the IP and added the IP to the Host name data base on Network-Global Configuration page. Now I can ping it from the shell
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
But still get the same error when I try check now on the Update page
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Running another update check from the shell

freenas-update -T FreeNAS-11-STABLE -v check

delivers..

Code:
															  
[freenasOS.Configuration:637] TryGetNetworkFile(['http://update-master.ixsystems.com/FreeNAS/FreeNAS-11-STABLE/LATEST'])			
[freenasOS.Configuration:713] Unable to load http://update-master.ixsystems.com/FreeNAS/FreeNAS-11-STABLE/LATEST: <urlopen error [Er
rno 8] hostname nor servname provided, or not known>																				
[freenasOS.Configuration:727] Unable to load ['http://update-master.ixsystems.com/FreeNAS/FreeNAS-11-STABLE/LATEST']: <urlopen error
[Errno 8] hostname nor servname provided, or not known>																			
[freenas-update:223] <urlopen error [Errno 8] hostname nor servname provided, or not known>										 
Traceback (most recent call last):																								 
  File "/usr/local/bin/freenas-update", line 197, in DoDownload																	 
	rv = Update.DownloadUpdate(train, cache_dir, pkg_type=pkg_type, ignore_space=ignore_space)									 
  File "/usr/local/lib/freenasOS/Update.py", line 905, in DownloadUpdate															
	latest_mani = conf.FindLatestManifest(train, require_signature=True)															
  File "/usr/local/lib/freenasOS/Configuration.py", line 1077, in FindLatestManifest												
	reason="GetLatestManifest",																									 
  File "/usr/local/lib/freenasOS/Configuration.py", line 728, in TryGetNetworkFile												 
	raise url_exc																												   
URLError: <urlopen error [Errno 8] hostname nor servname provided, or not known>													
Received exception during download phase, cannot update
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
This all seems very circular to me

Booted into 9.10-STABLE =>
can see the upgrade servers but can't upgrade to 11 because not booted into 9.10.2-U3
have a working AD
Booted into 9.10.2-U3 =>
have no working AD
can no longer see the upgrade servers and therefore cannot upgrade to get to the fix for AD in 11

Illicits a "WTF" from me I'm afraid
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Just booted into 9.10.2-U3 again but ran a verbose boot.

/var/log/debug.log shows the following entries. Which would seem to indicate that the system can get to the update servers during boot.(note particularly the references to FreeNAS-11-STABLE)

Unfortunately they can't once the boot is completed and I test at the UI where I still get the hostname error.



Code:
May 16 11:43:33 ParadigmRAID manage.py: [freenasOS.Configuration:554] TryGetNetworkFile(['http://update.freenas.org/FreeNAS/trains.txt', 'http://update-master.freenas.org/FreeNAS/trains.txt'])
May 16 11:43:37 ParadigmRAID manage.py: [freenasOS.Configuration:667] TryGetNetworkFile(['http://update.freenas.org/FreeNAS/trains.txt', 'http://update-master.freenas.org/FreeNAS/trains.txt']):  Read 673 bytes total
May 16 11:43:37 ParadigmRAID manage.py: [freenasOS.Configuration:554] TryGetNetworkFile(['http://update.freenas.org/FreeNAS/trains.txt', 'http://update-master.freenas.org/FreeNAS/trains.txt'])
May 16 11:43:37 ParadigmRAID manage.py: [freenasOS.Configuration:667] TryGetNetworkFile(['http://update.freenas.org/FreeNAS/trains.txt', 'http://update-master.freenas.org/FreeNAS/trains.txt']):  Read 673 bytes total
May 16 11:49:42 ParadigmRAID manage.py: [freenasOS.Configuration:554] TryGetNetworkFile(['http://update.freenas.org/FreeNAS/trains.txt', 'http://update-master.freenas.org/FreeNAS/trains.txt'])
May 16 11:49:51 ParadigmRAID manage.py: [freenasOS.Configuration:667] TryGetNetworkFile(['http://update.freenas.org/FreeNAS/trains.txt', 'http://update-master.freenas.org/FreeNAS/trains.txt']):  Read 673 bytes total
May 16 11:49:51 ParadigmRAID manage.py: [freenasOS.Configuration:554] TryGetNetworkFile([u'http://update-master.freenas.org/FreeNAS/FreeNAS-11-STABLE/LATEST'])
May 16 11:49:54 ParadigmRAID manage.py: [freenasOS.Configuration:667] TryGetNetworkFile([u'http://update-master.freenas.org/FreeNAS/FreeNAS-11-STABLE/LATEST']):  Read 2347 bytes total
May 16 11:49:54 ParadigmRAID manage.py: [freenasOS.Configuration:554] TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem'])
May 16 11:49:58 ParadigmRAID manage.py: [freenasOS.Configuration:667] TryGetNetworkFile(['https://web.ixsystems.com/updates/ix_crl.pem']):  Read 1028 bytes total
May 16 11:49:58 ParadigmRAID manage.py: [freenasOS.Manifest:417] Verify command = ['/usr/local/libexec/verify_signature', '-K', '/usr/local/share/certs/freenas-update.pem', '-C', '/usr/local/share/certs/iX-CA.pem', '-S', u'JHiTSC2BUyXxKnPOiEiIcZyADfV3oQBmgxWV57v02+QXF4UHuQLrxJM+FR/EqQpk9qi4c2dX+8MU+wv2Ek5TBce+fEuQ0hkCNJdSmgrOiugLr6JadnMRKaAJgVJxKrDU5v2U7Jatsg834euk+bxIVT3RGkC1JOXms3XUV1nPeBkigFOre6n3GAAjUxnpKKv12TkwcUe4rK1fjeyXdcr3ZxExJZIum7aRB1TkydVVI/kfPHaWZyjRdZRa85xnkuXPEI+rlwa5NZ1PXLuBU9pMBfwoYVDD+V+Se3PxX9JPfjHMdE5tvkopK6ZvunVAu5pFtSZ7EkLqVlxfjIjubyaYOg==', '-R', '/tmp/tmpsneDs9.pem']
May 16 11:49:58 ParadigmRAID manage.py: [freenasOS.Manifest:433] Signature check succeeded
May 16 11:49:58 ParadigmRAID manage.py: [freenasOS.Configuration:554] TryGetNetworkFile([u'http://update.freenas.org/FreeNAS/Validators/ValidateUpdate-r01puF.txt', u'http://update-master.freenas.org/FreeNAS/Validators/ValidateUpdate-r01puF.txt'])
May 16 11:49:59 ParadigmRAID manage.py: [freenasOS.Configuration:667] TryGetNetworkFile([u'http://update.freenas.org/FreeNAS/Validators/ValidateUpdate-r01puF.txt', u'http://update-master.freenas.org/FreeNAS/Validators/ValidateUpdate-r01puF.txt']):  Read 831 bytes total
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
Okay. Trying a different approach. I have the option on the update page to update manually.

Please let me know where I can get the necessary update files to do this?
 
I

Ian Carson

Explorer
Joined
Jul 5, 2016
Messages
55
The long and wandering attempts to upgrade to 11 via the GUI as laid out in the first version of the thread of the same name were unsuccessful. However I battled on undeterred and went through a manual upgrade to version 11 so that the nirvana of all my AD problems being solved would eventuate.

With the manual upgrade completed successfully I opened FreeNAS and...

...nothing has changed. I am still "unable to find domain controllers for <domain>" when I attempt to enable Active Directory and "Save".

DLavigne has been very patient with me regarding this issue when I was attempting to correct it in earlier versions but now that the same issue still exists in 11 are there any other knowlegeable people at iX who could take some of the load from them and address this continuing problem.

As always - grateful for assistance.
 
D

dlavigne

Guest
Sounds like it's time to report a bug at bugs.freenas.org so a dev can take a closer look. Include your debug (from System -> Advanced -> Save Debug) and post the issue number here. Note that while the debug is attached, the bug will be marked private so others won't see the report. Once the dev has the info needed, he can remove the debug so others can see the ticket's progress.
 
Status
Not open for further replies.

Similar threads

M
  • Locked
no SRV records found fail!
Replies
3
Views
3K
meltman
M
E
  • Locked
Can't bind to secondary DC
Replies
4
Views
2K
echelon5
E
M
  • Locked
Error connecting FreeNAS to AD
Replies
6
Views
2K
marcelst
M
N
  • Locked
AD Not Working Not Saving Config 9.3.1 Stable
Replies
4
Views
2K
Nick Lutz
N
fisherwei
  • Locked
SOLVED When join AD, I got "Unable to find domain controllers"
Replies
3
Views
18K
fisherwei
fisherwei
Top