W2K8R2 Active Directory / 9.2.1.6 winbindd idmap range not specified

[Ed Hornsey]

Looks a bit odd to me.

AD domain is webheath.local
All settings in Freenas point to a DNS resolvable AD server running all services.
Freenas message says

Code:

Jul  7 07:55:33 freenas winbindd[17938]:  STATUS=daemon 'winbindd' finished starting up and ready to serve connectionsidmap range not specified for domain FREENAS

Why would the server be looking for a domain called Freenas?

 

[dlavigne]

Did you ever figure this out?

 

[Ed Hornsey]

Did you ever figure this out?

Nope, still occuring in 9.2.1.7.

On my list of things to google!

 

[anodos]

That's interesting. If you don't mind, can you post your sanitized smb4.conf file and the output of 'hostname'? Are you running any jails?

 

[Ed Hornsey]

Hi,

Only jail running is MySQL.

Hostname is freenas.webheath.local

Results from /usr/var/local/smb4.conf

Code:

[global]                                                                                                                           
    server max protocol = SMB3                                                                                                     
    encrypt passwords = yes                                                                                                        
    dns proxy = no                                                                                                                 
    strict locking = no                                                                                                            
    oplocks = yes                                                                                                                  
    deadtime = 15                                                                                                                  
    max log size = 51200                                                                                                           
    max open files = 11070                                                                                                         
    load printers = no                                                                                                             
    printing = bsd                                                                                                                 
    printcap name = /dev/null                                                                                                      
    disable spoolss = yes                                                                                                          
    getwd cache = yes                                                                                                              
    guest account = nobody                                                                                                         
    map to guest = Bad User                                                                                                        
    obey pam restrictions = Yes                                                                                                    
    directory name cache size = 0                                                                                                  
    kernel change notify = no                                                                                                      
    panic action = /usr/local/libexec/samba/samba-backtrace                                                                        
    server string = FreeNAS Server                                                                                                 
    ea support = yes                                                                                                               
    store dos attributes = yes                                                                                                     
    acl allow execute always = true                                                                                                
    idmap config *:backend = tdb                                                                                                   
    idmap config *:range = 90000000-100000000                                                                                      
    server role = member server                                                                                                    
    netbios name = FREENAS                                                                                                         
    workgroup = WEBHEATH                                                                                                           
    realm = WEBHEATH.LOCAL                                                                                                         
    security = ADS                                                                                                                 
    client use spnego = yes                                                                                                        
    cache directory = /var/tmp/.cache/.samba                                                                                       
    local master = no                                                                                                              
    domain master = no                                                                                                             
    preferred master = no                                                                                                          
    acl check permissions = true                                                                                                   
    acl map full control = true                                                                                                    
    dos filemode = yes                                                                                                             
    winbind cache time = 7200                                                                                                      
    winbind offline logon = yes                                                                                                    
    winbind enum users = yes                                                                                                       
    winbind enum groups = yes                                                                                                      
    winbind nested groups = yes                                                                                                    
    winbind use default domain = yes                                                                     
    winbind refresh tickets = yes                                                                                                  
    idmap config webheath: backend = rid                                                                                           
    idmap config webheath: range = 20000-20000000                                                                                  
    allow trusted domains = no                                                                                                     
    template shell = /bin/sh                                                                                                       
    template homedir = /home/%U                                                                                                    
    pid directory = /var/run/samba                                                                                                 
    smb passwd file = /var/etc/private/smbpasswd                                                                                   
    private dir = /var/etc/private                                                                                                 
    create mask = 0666                                                                                                             
    directory mask = 0777                                                                                                          
    client ntlmv2 auth = yes                                                                                                       
    dos charset = CP437                                                                                                            
    unix charset = UTF-8                                                                                                           
    log level = 1                                                                                                                  
    acl check permissions = No

 

[anodos]

My best guess is that samba is trying to use the network interface for your jail. It's a promiscuous little bugger. If you stop your MySQL jail does the problem go away? Does the problem persist in 9.2.1.8? From a Windows workstation run "nbtstat -A [IP of FreeNAS server]"

Try setting the "interfaces" parameter for smb.conf in the "auxiliary parameters" field of your CIFS config. For proper syntax see here: https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#INTERFACES

 

[Ed Hornsey]

Hi anodos - your suggestion worked - thank you.:)

interfaces = <ip of server> in the auxilliary parameters for cifs.