6.3.3 Can't Join Domain

zdude · April 11, 2017

Seems like most the post on this subject is real old

I am setting up a POC for my boss so I am still under the trial of unraid, but its my understanding it should not keep me from joining a windows Domain.

Server has static IP, DNS is pointing to each of the DNS servers that happen to be a Domain Controller.

I have been trying a few Versions of FQDN for the domain and nothing works.

I get an error “Failed to join domain: Invalid configuration ("workgroup"”
But enable SMB Yes (Active Directorey is set.

zdude · April 12, 2017

Tonight I checked all my DNS setting and started over with all the setting and I stil cant get it to join the domain but i am getting a new error.
pr 11 21:18:14 PHSX0020 root: Failed to join domain: failed to find DC for domain mydomain.ORG - Undetermined error

I checked dns for correct DC lookup and it going to the correct IP.
Doing a ping mydomain.org and it find the correct IP for the Domain server.
Windows clients and join without problems.

When windows Join a domain it does a Broadcast looking for a domain server to reply. I dont know if this is how unraid works or not.
the unraid server is on the same Switch, Same VLAN, Same IP subnet

Any Suggestions?? please??

limetech · April 19, 2017

Make sure under Settings/Network setting the first DNS server IP address points to your DC.

What version of Windows server are you connecting to? We haven't done a lot of retesting of AD after updating our networking to support VLAN's - could be an issue here.

zdude · April 19, 2017

Yep Setting are pointing at 2 of the 4 DNS servers.
Each of the DNS Servers are Domain Controllers.

The Servers are Windows 2008 R2

BUT... The Domain is still running 2003 AD Database. (I know, I know but we had a few technical reason we could not upgrade the Domain yet.)
When I did a SSH to the server I can ping the Short and long DNS Domain name and both ping back to the domain server.

zdude · April 25, 2017

On 4/19/2017 at 0:42 PM, limetech said:

Make sure under Settings/Network setting the first DNS server IP address points to your DC.

What version of Windows server are you connecting to? We haven't done a lot of retesting of AD after updating our networking to support VLAN's - could be an issue here.

Anyone have something I can try..looking bad here to my manager.

JonathanM · April 25, 2017

3 minutes ago, zdude said:

Anyone have something I can try..looking bad here to my manager.

Sorry, but honestly unless you are willing and can fully support unraid yourself, or are willing to pay Limetech for ongoing support, it's probably a bad choice for active use in a business outside of generic SMB NAS usage. All the extras like docker and VM's are in an ongoing state of change, and active directory support has been spotty for a long time.

Limetech does have paid support sessions available now, so if it's business important, and you are serious about using unraid in your business, I'd suggest setting up a paid support session instead of relying on forum support.

https://lime-technology.com/services/

zdude · April 25, 2017

John, I was asking the Lime Tech Admin who posted on Wednesday, he said he had not done much AD testing after the last update.

for the size of the business you can get any better than this product, just need to know if this domain issues in the current release.
If no bugs found in the current version, I need to understand how Linux talk to domain so I can find the issue.
Could be something with how DNS is setup that would only impact Linux.

The logs just say it can find the domain, yet you can ping the Domain by short and long name.
the DC and unraid server are on the same VLan and on the same Switch. I don't understand how the process cant find the domain.
Windows does a Broadcast for "Domain.org" and one of the DC will Respond with its name and will also provide a list of DNS list of DC Names.
This is how Windows knows witch server to ask to join.

Windows Joins the domain without issue, so I am thinking we have a bug or the software process is not the same between windows and Linux.
Could be I am missing a Domain service that helps Linux.

How this software works on the domain is the key so we must have a POC to get buy-in from management.
Once we know this works in the domain and with our tools we will be buying the software and Configuration services so its setup in the best way.

JonathanM · April 25, 2017

40 minutes ago, zdude said:

John, I was asking the Lime Tech Admin who posted on Wednesday

Tom's not just an admin, he's the company founder and for the longest time was Limetech, all by himself.

He isn't very active on the forums, so your best bet to get a response directly from him is email, or if it's urgent and you are in trouble with the boss, you need to schedule a paid session. Posting here or PM'ing on the forum is a random chance of getting a timely response, not what you need for business.

The forums are mostly user to user support, and AD is not a very large part of the community. I can only think of a very few regular forum members who use it.

zdude · April 25, 2017

Thanks for the back room details... I am honored he responded to me.

zdude · May 21, 2017

has anyone looked into to this?

has anyone Joined a 6.3.3 to a domain yet?

Just don't know if its my network or the 6.3.3 update

Matt_G · May 21, 2017

What account are you using when trying to join the domain?

When I first tried to get my unRAID server to join my domain, I had issues as well.

It would act like it joined ok but it really hadn't.

I was using my personal account that I always use; it's a member of Domain admins.

Wouldn't work and it was driving me nuts.

I then tried the local administator account of the domain controller.

DCName\administrator

That is what worked for me.

You might want to give that a shot.

zdude · May 21, 2017

MATT

Thank you so much, I found the issue. Let me first say I am working with a old Domain setup my people that are long gone.

The problem was the AD shortname
when we add windows computers to the Domain we use
Domain.mydomain.org or Mydomain.org

I notice if I left my Shortname Blank in the unraid setting the logs said something that I had not seen see before.

May 21 12:01:08 PHSX0020 emhttp: shcmd (6526): /usr/bin/net ads join -U 'administrator'%***** |& logger
May 21 12:01:08 PHSX0020 root: Failed to join domain: Invalid configuration ("workgroup" set to 'mydomain.ORG', should be 'mydomCPDC2') and configuration modification was not requested
May 21 12:01:09 PHSX0020 emhttp: shcmd (6529): /etc/rc.d/rc.samba stop |& logger

I Changed the shortname to what was suggested in the logs and it joined the domain.
Now the only thing on my wish list is ISCSI . ?

Matt_G · May 21, 2017

Glad to hear you got it sorted out.

Amin Shalchian · April 7, 2018

On 5/21/2017 at 10:26 PM, Matt_G said:

What account are you using when trying to join the domain?

When I first tried to get my unRAID server to join my domain, I had issues as well.

It would act like it joined ok but it really hadn't.

I was using my personal account that I always use; it's a member of Domain admins.

Wouldn't work and it was driving me nuts.

I then tried the local administator account of the domain controller.

DCName\administrator

That is what worked for me.

You might want to give that a shot.

Hi, This worked for me.

Matt_G · April 7, 2018

Glad to hear this helped you Amin.

6.3.3 Can't Join Domain

Recommended Posts

zdude

Link to comment

zdude

Link to comment

limetech

Link to comment

zdude

Link to comment

zdude

Link to comment

JonathanM

Link to comment

zdude

Link to comment

JonathanM

Link to comment

zdude

Link to comment

zdude

Link to comment

Matt_G

Link to comment

zdude

Link to comment

Matt_G

Link to comment

Amin Shalchian

Link to comment

Matt_G

Link to comment

Join the conversation