...
...
...
Purpose
This article provides step by step instructions for joining your SoftNAS instance to Active Directory from within a CLI.
| Note |
|---|
| If an HA pairing, this process MUST be run twice, once on each node, or failover would break domain trusts. |
Symptoms
For those who prefer to let their keyboards do the work, rather than their mouse, or are running into problems joining AD via the SoftNAS GUI, ('Ajax Timeout' errors have been known to occur), it is possible to join your SoftNAS instance/VM to Active Directory via your command line interface.
Purpose
This article provides step by step instructions for joining your SoftNAS instance to Active Directory from within a CLI.
| Note |
|---|
| If an HA pairing, this process MUST be run twice, once on each node, or failover would break domain trusts. |
Resolution
Resolution
- SSH into the SoftNAS instance
...
- in question.
...
- You can also access the command shell from within your SoftNAS GUI
...
- by navigating
...
- to Settings
...
- > General System Settingsin the Storage Administration pane.
...
- In the Webmin
...
- panel that
...
- opens,
...
- navigate to Others
...
- > Command Shell
...
- .
Once connected
...
, run the following commands
...
to stop Samba and Winbindd services
...
| borderColor | black |
|---|---|
| bgColor | #f0f0f0 |
| borderStyle | solid |
...
:
Code Block language bash theme Eclipse linenumbers true service sernet-samba-nmbd stop
...
service sernet-samba-winbindd stop
| Note |
|---|
These services MUST be stopped to prevent changes from being overwritten. |
Once services have been stopped, add a new Kerberos ticket-granting ticket
...
using the following command:
...
Code Block
...
language
...
bash
...
theme
...
Eclipse
...
kinit
...
Confirm the Active Directory information
...
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
| # klist |
...
by running the following command:
Code Block language bash theme Eclipse klist
Join your instance to Active Directory
...
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
| # net ads join -U <username> |
using the following command:
Code Block language bash theme Eclipse net ads join -U <username>The username in question must have rights to create objects in
...
Active Directory and join objects to the domain.
...
IF the above command fails, try the following command:
...
Code Block
...
language
...
bash
...
theme
...
Eclipse net rpc join -U <username>
Once your instance has successfully joined Active Directory, start the Samba and Winbindd services
...
| borderColor | black |
|---|---|
| bgColor | #f0f0f0 |
| borderStyle | solid |
...
using the following commands:
Code Block language bash theme Eclipse service sernet-samba-nmbd start
...
service sernet-samba-winbindd start
...
Various connections will need to be listed at least once so that the GUI can read them later. Issue the following commands:
...
Code Block
...
language
...
bash
...
theme
...
Eclipse
...
linenumbers
...
(to see trust)
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
| # wbinfo -m |
(to see all trust domains)
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
| # wbinfo -u |
(to sync users)
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
| # wbinfo -g |
...
true # To see trust: wbinfo -t # To see all trust domains: wbinfo -m # To sync users: wbinfo -u # To sync group OS: wbinfo -g
| Note |
|---|
Remember to join both nodes of an HA cluster to |
...
Active Directory if they are to work in unison. |
...
| Info |
|---|
| Check the Samba. |
...
| conf file for any information pertaining to the |
...
| Active Directory join process |
...
