AD and CIFS Configuration

Discussion in 'User Authentication' started by ashishchandrakar, Apr 27, 2012.

  1. ashishchandrakar New Member

    Member Since:
    Apr 25, 2012
    Message Count:
    1
    Likes Received:
    0
    Trophy Points:
    0
    ashishchandrakar, Apr 27, 2012

    Hi....

    Is any pre requisite to integrate AD of Windows 2003 into FreeNAS 8.0.4 64 bit version.

    I am trying to start AD in freenas but couldn't started.
  2. winstontj New Member

    Member Since:
    Apr 8, 2012
    Message Count:
    15
    Likes Received:
    0
    Trophy Points:
    0
    winstontj, Jul 23, 2012

    I'll bump this thread rather than start a new one.

    I'm getting an error "failure to join domain, invalid credentials"

    I can ping both machines but that's about it. I can ping via host name and via IP from both the AD server and the Shell of FreeNAS. I have set up AD before on a FreeNAS box but it's been a while. I feel like I'm missing something dumb. I am following the docs exactly as written but it's failing at the authentication level and I can't get past it. Good news is that the two boxes are talking enough to fail authentication - but that's it.
  3. bfishernc New Member

    Member Since:
    Jun 29, 2012
    Message Count:
    30
    Likes Received:
    0
    Trophy Points:
    0
    bfishernc, Jul 25, 2012

    I recently did this - didn't have any issues. I'm not an expert but will try to help if I can.

    Did you follow the AD page in documentation? http://doc.freenas.org/index.php/Active_Directory

    I used IP address rather than host name, and I needed my full domain (home.fisher... not just fisher). I used Fisher in the workgroup name. And then used an Admin/password and it connected.

    It automatically updates daily, or I can manually force an update.
  4. winstontj New Member

    Member Since:
    Apr 8, 2012
    Message Count:
    15
    Likes Received:
    0
    Trophy Points:
    0
    winstontj, Jul 25, 2012

    Yes, I followed the documentation and the "workgroup" is what's hanging me up. I have a rather complex setup but essentially the FreeNAS box is a VM (dedicated RAID array but not 100% dedicated hardware) and will only be connecting to machines that are within the AD Domain. All of those computers (virtual or PC's or servers) are already joined to the Domain so quite literally each of the machines I'm trying to connect to the FreeNAS box don't have a workgroup because adding them to the Domain over-writes that.

    Should I leave "Workgroup" blank? I have no problems pinging things (so I know it's not a firewall issue) but I just can't get the thing to join the Domain. I have two other FreeNAS boxes that are in windows workgroups and they work fine, my issue is probably something stupid with the AD setup.

    I followed the documentation but I'm stuck at the authentication failure.

    EDIT: Thank you very much for the reply, I appreciate it.
  5. winstontj New Member

    Member Since:
    Apr 8, 2012
    Message Count:
    15
    Likes Received:
    0
    Trophy Points:
    0
    winstontj, Jul 27, 2012

    I'm to the point that I can ping the IP, host name and domain name (FQDN) from either the AD server or the FreeNAS VM.

    From AD Server:
    Ping xx.xx.xx.x
    Ping FreeNAS
    Ping domain.net
    ^^ all works and returns <1ms pings

    From FreeNAS:
    Ping xx.xx.xx.x
    Ping ADSRVxx
    Ping domain.net
    ^^^ All work from console shell and return values of <1ms

    I know that the AD Services are running because if I shut down the server my remote desktop will not allow me to authenticate onto some of my VMs. As soon as I turn the (Virtual) AD server back on I can log into anything I need to.

    I was having issues with pinging but after I added the DNS record to the AD Server there were no problems with pings.

    That's about how far I can get. Regarding Kerberos, both VMs are running on the same host server and both are set to sync with the host as well as I have manually added all the same NTP addresses to both the host server, AD server and the FreeNAS box.
  6. winstontj New Member

    Member Since:
    Apr 8, 2012
    Message Count:
    15
    Likes Received:
    0
    Trophy Points:
    0
    winstontj, Aug 10, 2012

    Still having issues, not even sure how to troubleshoot at this point.

    When I use "Administrator" and the proper AD Server Administrator PW I receive a login credentials failure. (no idea why) When I use a different AD account (created with exactly the same memberships, privileges and permissions as the Administrator account) I get a general failure.

    When I follow the steps in the http://doc.freenas.org/index.php/Active_Directory I am following exactly as stated. I can ping just as before. When I go into Services > Control Services and I try to switch Active Directory on it shows an error up top saying "The service could not be started".

    I know that the FreeNAS box is at least hitting and talking to the AD Server since when I use the proper admin credentials I am returned with an "invalid login" error.

    Any ideas or suggestions?

    Thanks.
  7. TJ Wenger New Member

    Member Since:
    Aug 28, 2012
    Message Count:
    3
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Network Manager, Network Administration and IT Pro
    Location:
    Winona, Minnesota, United States
    TJ Wenger, Aug 29, 2012

    Just a heads up, I'm having the same problem. My service won't start as well, everything checks out as you stated.
  8. winstontj New Member

    Member Since:
    Apr 8, 2012
    Message Count:
    15
    Likes Received:
    0
    Trophy Points:
    0
    winstontj, Aug 29, 2012

    Well hopefully someone has figured out how to run FreeNAS on a VM and use AD. Hopefully they will also chime in.

    The several hour time difference between the OS clock and the (virtual) CMOS/BIOS clock is buggering things up.

Share This Page