Ever since my upgrade from 9.1 to 9.3, I'm having all sorts of issues getting FreeNAS to place nicely with AD (2008 level) (I've also tried a fresh install of 9.3 with the same issues)
/var/log/messages doesn't give me much:
Jan 2 10:28:28 freenas93 ActiveDirectory: /usr/local/bin/python /usr/local/www/freenasUI/middleware/notifier.py stop cifs
Jan 2 10:28:30 freenas93 notifier: winbindd not running? (check /var/run/samba/winbindd.pid).
Jan 2 10:28:30 freenas93 notifier: smbd not running? (check /var/run/samba/smbd.pid).
Jan 2 10:28:30 freenas93 notifier: nmbd not running? (check /var/run/samba/nmbd.pid).
Jan 2 10:28:31 freenas93 ActiveDirectory: /usr/sbin/service ix-kerberos quietstart
Jan 2 10:28:33 freenas93 ActiveDirectory: /usr/sbin/service ix-nsswitch quietstart
Jan 2 10:28:34 freenas93 ActiveDirectory: /usr/sbin/service ix-kinit quietstart
Jan 2 10:28:36 freenas93 ActiveDirectory: /usr/sbin/service ix-kinit status
After I enter a user with credentials to enable AD, the screen appears to be happy…the enabled box is checked and everything is good. But, if I go elsewhere and come back to the directory tab, 'enable' is no longer checked and I'm back to square one.
Google says that there seems to be a bunch of people with the same problem, but there doesn't seem to be a fool-proof way to fix.
Please let me know if there are other logs I can post to be of more help.
Best Answer
I ran into the sam problem as you. Thankfully for me only three employees use the freenas box to save drivers, isos, and stuff Like that and did not cause any major headaches. Here is how I got around this situation. I installed the latest Freenas 9.3 update. The update number is FreeNAS-9.3-STABLE-201501090144 in the update log it shows it fixes an Active Directory issue. Unfortunately the update did not fix my issues for me, but I would try the upgrade before doing the next step. To get Freenas 9.3 working in Active Directory I had to do a Factory Restore and re-setup all my settings again. I also deleted the freenas box out of the domain and dns. This was not a huge issue for me, because I only had three shares just a pain in the butt. Once I got everything setup again in Active Directory I could go to the shell and do wbinfo -u, wbinfo -g, getent passwd, and getent group and see the Active Directory Users and Groups from the shell. I hope this helps.