Hi @Pete
You’re probably running into the issue of the AD details needed - which are NOT shown in the Web-GUI of NS8 anywhere.
See my post here about this:
I had similar issues joining an OpenMediaVault to the AD of NS8.
I joined a simple Win10 VM I had set up to administrate the AD, installed RSAT AD Tools, DNS and Group Policies, and checked the DC and DNS names for AD.
These names worked. Often you will see something like NSDC-xxxx-xxxxx or DC1.
These Hostnames are not visible in the AD GUI of NS8.
Maybe this info helps!
In any case:
- Set the NTP of your TrueNAS server to point to your AD, using the full name of the AD DC as shown in the AD RSAT tools.
- Set the DNS of your TrueNAS to point to your AD.
- Having not only the ad.domain.tld entry, but also the full hostname / fqdn of the AD host in DNS helps.
- On your TrueNAS: Set Hostname as the short (max 15 CHR) NetBIOS name in caps.
- On your TrueNAS: Set domain as the full ad name in small caps.
- On your TrueNAS: Set static IP and DNS (your ad)
Edit krb5.conf

```bash
nano /etc/krb5.conf
```

Delete everything and paste this (adapt as needed):

```ini
[libdefaults]
# AD realm, upper case
default_realm = HOMELAB.PRIV

[realms]
HOMELAB.PRIV = {
    # full hostname of the AD DC
    kdc = DC0.HOMELAB.PRIV
    default_domain = HOMELAB.PRIV
}

[domain_realm]
.homelab.priv = HOMELAB.PRIV
homelab.priv = HOMELAB.PRIV
```
Edit samba config

```ini
# short NetBIOS host name (max 15 characters)
netbios name = OMV
# same realm as default_realm in krb5.conf
realm = HOMELAB.PRIV
server string =
security = ads
encrypt passwords = yes
preferred master = False
local master = No
domain master = No
dns proxy = No
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
client use spnego = yes
```
Edit nsswitch.conf

Just change the following to show as below:

```
passwd: files winbind
group: files winbind
shadow: files winbind
```

Then join the AD, reboot and check!
Note:
As always: make a backup and double check!
The above worked for me with OpenMediaVault - and should work with TrueNAS (Depending on Core or Scale some tweaking might be needed…)
On OMV I additionally needed the following:

```bash
apt install -y krb5-config krb5-user winbind libnss-winbind libpam-winbind
```

Good Luck!
My 2 cents
Andy
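
A pre-join sanity check for the three files edited in the post above, as an added example that is not part of the original post: it verifies offline that the realm in krb5.conf and the samba config agree, that the realm has a kdc entry, that the NetBIOS name fits in 15 characters and that nsswitch.conf lists winbind. The function names (`conf_get`, `check_ad_join_config`, `demo`) and the sample files are constructed for illustration.

```shell
# Added example: offline consistency check of krb5.conf, samba config, nsswitch.conf.
# conf_get FILE KEY: print the value of the first "KEY = value" line.
conf_get() {
  awk -F'=' -v k="$2" '{ key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
    tolower(key) == tolower(k) {
      v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v); print v; exit
    }' "$1"
}

# check_ad_join_config KRB5 SMB NSS: print each problem, return the problem count.
check_ad_join_config() {
  krb5=$1 smb=$2 nss=$3 problems=0
  fail() { echo "PROBLEM: $*"; problems=$((problems + 1)); }
  krb_realm=$(conf_get "$krb5" default_realm)
  smb_realm=$(conf_get "$smb" realm)
  nb_name=$(conf_get "$smb" "netbios name")
  [ -n "$krb_realm" ] || fail "krb5.conf has no default_realm"
  # Kerberos realm names are case-sensitive; AD realms are written in upper case.
  [ "$krb_realm" = "$(echo "$krb_realm" | tr '[:lower:]' '[:upper:]')" ] ||
    fail "default_realm '$krb_realm' is not upper case"
  [ "$krb_realm" = "$smb_realm" ] ||
    fail "samba realm '$smb_realm' differs from default_realm '$krb_realm'"
  # The default realm needs a block under [realms] that names a kdc.
  awk -v r="$krb_realm" '$1 == r && $2 == "=" && $3 == "{" { inblk = 1; next }
    inblk && $1 == "}" { exit }
    inblk && $1 == "kdc" { found = 1 }
    END { exit !found }' "$krb5" || fail "no kdc listed for realm '$krb_realm'"
  [ "$(conf_get "$smb" security | tr '[:upper:]' '[:lower:]')" = "ads" ] ||
    fail "samba security is not 'ads'"
  # NetBIOS names are limited to 15 characters.
  { [ -n "$nb_name" ] && [ "${#nb_name}" -le 15 ]; } ||
    fail "netbios name '$nb_name' is empty or longer than 15 characters"
  for db in passwd group; do
    grep -Eq "^${db}:.*[[:space:]]winbind([[:space:]]|\$)" "$nss" ||
      fail "nsswitch.conf: '$db' does not list winbind"
  done
  return "$problems"
}

# Constructed sample: the post's values, with two deliberate mistakes.
demo() {
  d=$(mktemp -d)
  printf '%s\n' '[libdefaults]' 'default_realm = HOMELAB.PRIV' '[realms]' \
    'HOMELAB.PRIV = {' 'kdc = DC0.HOMELAB.PRIV' '}' > "$d/krb5.conf"
  printf '%s\n' 'netbios name = OMV' 'realm = homelab.priv' 'security = ads' > "$d/smb.conf"
  printf '%s\n' 'passwd: files winbind' 'group: files' > "$d/nsswitch.conf"
  check_ad_join_config "$d/krb5.conf" "$d/smb.conf" "$d/nsswitch.conf"
}
demo || echo "$? problem(s) found"
```

Run it against the real files before the join, passing the path of your samba config as the second argument.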