Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

Unable to join to AD domain

Joined
Jan 27, 2020
Messages
2
Unable to join to AD domain

I have spent hours and have searched and tried everything I can find online and on this forum but am still unable to join my freenas to our
Windows 2016 domain. Can someone please help?

Error I get in the freenas web gui is:

MiddlewareError: Active Directory failed to reload

When I run command below I get error:

root@freenas[~]# service ix-kinit start
ERROR: {'desc': 'Connect error', 'errno': 2, 'info': 'No such file or directory'}

When I run command below I get error:

root@freenas1[~]# /etc/directoryservice/ActiveDirectory/ctl start
ERROR: {'desc': "Can't contact LDAP server", 'errno': 2, 'info': 'No such file or directory'}

When I run the commands below all complete without any output except #4 - and it produces the idental error as the other two commands above.

1) sqlite3 /data/freenas-v1.db "UPDATE directoryservice_activedirectory SET ad_enable=1"
2) service ix-hostname start
3) service ix-kerberos start
4) service ix-kinit start
5) service ix-pre-samba start
6) net -k -d 7 ads join

For tail /var/log/debug.log I see:
Jan 27 15:25:54 freenas1 uwsgi: [api.utils:12] File "./freenasUI/directoryservice/forms.py", line 639, in save
Jan 27 15:25:54 freenas1 uwsgi: [api.utils:12] _("Active Directory failed to reload."),
Jan 27 15:25:54 freenas1 uwsgi: [api.utils:12] freenasUI.middleware.exceptions.MiddlewareError: [MiddlewareError: Active Directory failed to reload.]

I followed, read and reread instructions at https://www.ixsystems.com/documentation/freenas/11.2-U7/directoryservices.html

I read all three of these posts and tried everything mentioned https://www.ixsystems.com/community/search/389216/?q=MiddlewareError:+Active+Directory+failed+to+reload&c[title_only]=1&o=relevance

I set time in BIOS to be the same to the second as freenas and DC.

From freenas I can ping DC by name name, freenas by name, DC can ping freenas and anoither computer on network can ping freenas.

Have tried joining with and without freenas computer object added first on DC.

Set up freenasadmin account and set it to have full rights to freenas computer object.

Set freenas computer object to "trust this computer for delegation to any service (Kerberos only)"

Exported private adn public key from DC, used openssl to convert to text and then pasted into freenas and am picking it from drop down list in web gui when tryng
to join freenas to domain.

Tried Directory Services/Active Directory join using both basic - and advanced mode with domain short/long/upper and lower case, with TLS and certificate and without
both, SASL Wrapping set to sign/basic,

Thought maybe I needed to connect LDP but that produces same error [MiddlewareError: LDAP failed to reload.]

Below is my configuration. Can anyone help??!!

FreeNAS-11.2-U7 (Build Date: Nov 19, 2019 0:4)
Intel(R) Xeon(R) CPU E5620 @ 2.40GHz (8 cores)
12 GiB Memory
583.75 GB storage pool
Hardware: Dell PowerEdge R510
 
Joined
Jan 27, 2020
Messages
2
I saw there was a newer version of FREENAS available - 11.3 - so I started completely over and installed everything from scratch using this version. Then set up a Storage Pool, Active Directory, Samba and a share using basic settings for everything - and it just worked on the first try! Took about 10 minutes. Unbelievable!

Well, I am now very familiar with how to get around in FREENAS so guess the many hours I spent trying to get it working the first time were not spent completely in vain.
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
5,904
I appreciate the feedback. There were significant AD changes / improvements that went into 11.3 which should make things much easier for end-users.
 
Last edited:
Top