So I’ve Rockstor as my NAS for a couple weeks now, and I have to periodically rejoin it to the domain. I talking every day or so. To join it to the domain I have to SSH in and run the command “net ads join -U Administrator” as the switch in the UI throws an error when trying to join that way. Is there a more permanent work around to joining Rockstor to the domain?
Hi @prompt-laser! Thanks for the report, but I have a few questions.
-
Are you running the latest testing update(3.8-11.10)? You would want to as there have been some updates to AD integration code.
-
How do you determine that the machine has fallen off the domain?
-
What’s the error on the UI?
-
Rockstor uses the sssd approach and so doesn’t join the domain using
net ads join ..., aka the winbind approach. There’s active testing going on, so your feedback will be very useful.
Thank you for the reply.
Im running 3.8-10
By fallen off the domain I mean that users are no longer authenticated against the domain, i.e. it prompts for a user/pass when browsing to the shares
The error varies. When users no longer automatically authenticate its something along the lines of already joined to the domain my.domain, this error goes away if i run BOTH net ads leave and realm leave pln.lan. if i run those commandd i can use the ui to join the domain, but after a few hours it will revert to no longer authenticating. for awhile it was cannot find a domain controller for domain my.domain, i fixed this problem by manually entering the fqdn of the primary dc in /etc/samba/smb.conf. and randomly i get a low level error trying to join the domain.
Ive tried net ads join and realm join they both join rockstor to the domain but again only for a few hours.
Also, even when everything is running smoothly for those few hours the switch is still set to off in the ui.
I took a day of vacation on thursday to setup a 2012 server to act as a storage host for my VMs. Once that is done im going to move the vms over to the 2012 iSCSI target and spin up a rockstor vm to continue to test it.
I really like what i’m seeing in rockstor, i just dont feel its ready for production on my network yet.