+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
*nix Thread, Openfiler AD authentication in Technical; Just about to give up with this on so any suggestions will be handy! Running Openfiler to create a NAS ...
  1. #1

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18

    Openfiler AD authentication

    Just about to give up with this on so any suggestions will be handy!

    Running Openfiler to create a NAS box, but cannot get it to authenticate via AD. Tried every variation on configuration but nothing seems to work. No errors, no joining to AD and nothing to hint at what is going wrong.

    Checked the usual like system clock and DNS resolving ok but I'm stumped. You don't seem to get any logging errors either which doesn't help.

  2. #2
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,513
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    67
    What type of auth are you trying to use? Kerberos, Transparent Kerberos, LDAP, Transparent NTLM??

  3. #3

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    I've been setting the options for 'Windows domain controller and authentication' and Kerberos. I've joined lots of hardware NAS boxes to our domain before with no issues (except clocks being out of sync!)

    EDIT - its obviously goosed now, any configuration change I 'apply' simply results in a blank page being returned. FreeNAS anyone?!
    Last edited by GoldenWonder; 26th May 2010 at 11:06 AM.

  4. #4
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,513
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    67
    I know it shouldn't make any difference but have you been using FQDN for your server and the Domain in CAPITALS as sometimes it can be fussy about these things.

    Also if you are trying to configure openfiler through IE that also can complicate matter's, try using putty to SSH in or Firefox if you dont fancy the SSH method.

    D

  5. #5

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    I've been using FQDN for server names, and have tried the domain in Caps and lower case.

    I haven't tried using a different browser yet, might give Firefox a go once I've rebuilt it.

  6. #6
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,513
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    67
    It must be a weird one, I've added what must be hundereds of NAS boxes to network over my years in IT and rarely have any issues apart from the obligitory time sync issues!

    D

  7. #7
    TheLibrarian
    Guest
    I think I found this on EduGeek previously, I know I found it useful - Michael's guide to setting up OpenFiler 2.3 with Active Directory as a NAS box.

  8. Thanks to TheLibrarian from:

    danrhodes (26th May 2010)

  9. #8
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,513
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    67
    Quote Originally Posted by TheLibrarian View Post
    I think I found this on EduGeek previously, I know I found it useful - Michael's guide to setting up OpenFiler 2.3 with Active Directory as a NAS box.
    Excellent trauling work Librarian, bookmarked that one!

    D

  10. #9

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    Tried that excellent guide and configured as specified. Alas the user groups list remains completel empty no matter what I do!

  11. #10
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,513
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    67

  12. #11

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    I looked through and the 'bug' with the realm name seems to have been resolved. Either that or it doesn't happen when I used Firefox. Now I have no errors, but when I open group list its empty!

    I notice that although the guides recommend using the Join Domain option, my nas box still is not appearing in the domain. I guess this is part of the problem

    The only error I can seem to get is if I try to add a new user:

    Error adding new user.
    ldap_add: No such object (32)
    matched DN: DC=domainname,DC=org,DC=uk
    additional info: 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
    'DC=domainname,DC=org,DC=uk'
    Last edited by GoldenWonder; 26th May 2010 at 12:19 PM.

  13. #12

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    Well I got a stage further. After a complete rebuild and reinstall I managed to get the OF box to see AD, and user groups appeared. However after creating shares and setting permissions I get variable results. I've given Domain Admins full rights and a staff group R/W rights. This generally either doesn't work and a Windows authentication box appears when trying to access the share (\\nas\share) or they get a Windows error saying that it could not connect to the resource (i.e as if the path was invalid)

    I noticed that when I expanded the Domain Admins group in the OF gui, it only showed users in the same OU as the group - some of our accounts are in a sub-OU and they weren't showing. It looks like OF is like a lot of other linux/unix systems that will only read AD if everything is in a single OU

  14. #13

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    To close this one off (and if anyone else is thinking of using OF in an AD environment - don't bother!)

    I got it working - sort of. But it stops working every so often (i.e the group list shows up empty and no one can access any shares) so I can only assume OF isn't ready for AD authentication yet. Shame really but this is what holds me back from using more linux based stuff here -theres always a catch getting it to work with existing kit!

  15. #14
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,513
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    67
    Have you tried FreeNas its alot better than open filer. I use FreeNas at home, I think its been on for nearly 1000 days without even a hickup!

  16. #15

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    18
    I tried Freenas but this seemed a bit awkward in setting up the shares. Might have to revisit it and try again.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Openfiler
    By wesleyw in forum How do you do....it?
    Replies: 0
    Last Post: 26th April 2010, 01:04 PM
  2. Openfiler help needed
    By Phillip1983 in forum Wireless Networks
    Replies: 3
    Last Post: 15th January 2010, 01:03 PM
  3. Openfiler
    By cookie_monster in forum Hardware
    Replies: 14
    Last Post: 22nd July 2009, 03:43 PM
  4. Openfiler
    By kennysarmy in forum Hardware
    Replies: 1
    Last Post: 7th July 2009, 03:53 PM
  5. Openfiler
    By Norphy in forum *nix
    Replies: 2
    Last Post: 20th June 2006, 09:59 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •