Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

FREENAS 9.3 - Can't join AD

Posted on 2016-08-26
11
2 solutions
Medium Priority
?
1,013 Views
Last Modified: 2016-09-27
Hi everyone. I'm going crazy trying to join my FREENAS server to windows 2008 AD service. I've tried almost everything with no luck. I always get this message:
Unable to find domain controllers for innovateperu.local.
and the log shows:  
FreeNAS_ActiveDirectory_Base.get_SRV_records: no SRV records for _ldap._tcp.dc._msdcs.innovateperu.local found, fail!
I have attached some screenshots of my FREENAS configuration

PS.
My local domain is: innovateperu.local
ad_conf.png
cifs_conf.png
network_conf.png
config.png
krb5.png
resolv.png
smb4.png
0
Comment
Question by:Ludwig Diehl
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Join The Community
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 42

Expert Comment

by:Adam Brown
ID: 41772506
Check your Active Directory DNS zones to make sure the MSDCS folder/Forward Lookup Zone is there and that there is a valid SRV record under _TCP.DC folder.
0
 
LVL 17

Expert Comment

by:Learnctx
ID: 41773464
Have you considered upgrading to the latest stable release (9.10.1 has probably been out for a few months now).

There are quite a few AD joining bugs in 9.3.

https://bugs.freenas.org/issues/7181
https://bugs.freenas.org/issues/10860
https://bugs.freenas.org/issues/6980
0
 
LVL 6

Author Comment

by:Ludwig Diehl
ID: 41778742
Thx for your replies. I have tried host -a _ldap._tcp.dc._msdcs.innovateperu.local. I get response...
About migrating version. This server is in production environment and holds my VM so I cannot restart it. Is there any other approach?
host.png
dns.png
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

30 Day Free Trial
 
LVL 17

Assisted Solution

by:Learnctx
Learnctx earned 1000 total points
ID: 41778897
In your first screenshot enable verbose logging. This will log under /var/logs/messages. Does anything come up with errors? What happens if you run:

host -t srv _ldap._tcp.innovateperu.local

Open in new window


Also have a look at their troubleshooting KB on not being able to join the domain.

https://doc.freenas.org/9.3/freenas_directoryservice.html#if-the-system-will-not-join-the-domain

I would also look at spinning up 2 new VM's. 1 running FreeNAS 9.3 and 1 running the latest release. Can either of these join the domain?
0
 
LVL 6

Author Comment

by:Ludwig Diehl
ID: 41779856
See the attached image for results from host command.
By the way I did try what FreeNAS suggests.
srv.png
0
 
LVL 17

Expert Comment

by:Learnctx
ID: 41780777
Yeah, I would definitely try spin up a new VM to test joining a newer version to your AD environment. I can only assume its some sort of bug in FreeNAS 9.3.
0
 
LVL 6

Author Comment

by:Ludwig Diehl
ID: 41785409
thanks anyway. I will try that.
0
 
LVL 10

Accepted Solution

by:
Zenvenky earned 1000 total points
ID: 41795236
I would suggest you to create a computer object with "FREENAS" name in some OU and on this OU give create computer object object permissions to FREENAS computer object. I think this will work.
0
 
LVL 6

Author Comment

by:Ludwig Diehl
ID: 41796094
freenas as a computer object exists from the beginning. That was the first thing I did when trying to join it to my domain
0
 
LVL 10

Expert Comment

by:Zenvenky
ID: 41796542
However as mentioned earlier, did you add permissions on the OU where FREENAS computer object exists.
0
 
LVL 6

Author Closing Comment

by:Ludwig Diehl
ID: 41818454
Thank you all for your help. I could finally join my domain. You would laugh if I told u that the computer object "FREENAS" was disabled in my AD! lol. After enabling it again it could join the AD with no prob.
1

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Read our Case Study
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question
Protecting Active Directory Credentials Amidst New Threats [VIDEO]
Article by: Gene
Let's recap what we learned from yesterday's Skyport Systems webinar.
Automated object placement using AutoAD
Article by: Shaun
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Installing and Configuring Windows Server Backup Utility
Video by: Rodney
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Importing Users Into Active Directory From a Text File
Video by: Kevin
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Advertise Here
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Advertise Here