FREENAS 9.3 - Can't join AD

Hi everyone. I'm going crazy trying to join my FREENAS server to windows 2008 AD service. I've tried almost everything with no luck. I always get this message:
Unable to find domain controllers for innovateperu.local.
and the log shows:  
FreeNAS_ActiveDirectory_Base.get_SRV_records: no SRV records for _ldap._tcp.dc._msdcs.innovateperu.local found, fail!
I have attached some screenshots of my FREENAS configuration

PS.
My local domain is: innovateperu.local
ad_conf.png
cifs_conf.png
network_conf.png
config.png
krb5.png
resolv.png
smb4.png
LVL 6
Ludwig DiehlSystems ArchitectAsked:
Who is Participating?
 
ZenVenkyArchitectCommented:
I would suggest you to create a computer object with "FREENAS" name in some OU and on this OU give create computer object object permissions to FREENAS computer object. I think this will work.
0
 
Adam BrownSr Solutions ArchitectCommented:
Check your Active Directory DNS zones to make sure the MSDCS folder/Forward Lookup Zone is there and that there is a valid SRV record under _TCP.DC folder.
0
 
LearnctxEngineerCommented:
Have you considered upgrading to the latest stable release (9.10.1 has probably been out for a few months now).

There are quite a few AD joining bugs in 9.3.

https://bugs.freenas.org/issues/7181
https://bugs.freenas.org/issues/10860
https://bugs.freenas.org/issues/6980
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Download your Guide
 
Ludwig DiehlSystems ArchitectAuthor Commented:
Thx for your replies. I have tried host -a _ldap._tcp.dc._msdcs.innovateperu.local. I get response...
About migrating version. This server is in production environment and holds my VM so I cannot restart it. Is there any other approach?
host.png
dns.png
0
 
LearnctxEngineerCommented:
In your first screenshot enable verbose logging. This will log under /var/logs/messages. Does anything come up with errors? What happens if you run:

host -t srv _ldap._tcp.innovateperu.local

Open in new window


Also have a look at their troubleshooting KB on not being able to join the domain.

https://doc.freenas.org/9.3/freenas_directoryservice.html#if-the-system-will-not-join-the-domain

I would also look at spinning up 2 new VM's. 1 running FreeNAS 9.3 and 1 running the latest release. Can either of these join the domain?
0
 
Ludwig DiehlSystems ArchitectAuthor Commented:
See the attached image for results from host command.
By the way I did try what FreeNAS suggests.
srv.png
0
 
LearnctxEngineerCommented:
Yeah, I would definitely try spin up a new VM to test joining a newer version to your AD environment. I can only assume its some sort of bug in FreeNAS 9.3.
0
 
Ludwig DiehlSystems ArchitectAuthor Commented:
thanks anyway. I will try that.
0
 
Ludwig DiehlSystems ArchitectAuthor Commented:
freenas as a computer object exists from the beginning. That was the first thing I did when trying to join it to my domain
0
 
ZenVenkyArchitectCommented:
However as mentioned earlier, did you add permissions on the OU where FREENAS computer object exists.
0
 
Ludwig DiehlSystems ArchitectAuthor Commented:
Thank you all for your help. I could finally join my domain. You would laugh if I told u that the computer object "FREENAS" was disabled in my AD! lol. After enabling it again it could join the AD with no prob.
1
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.

Advertise Here