[SOLVED] Lost AD (Active Directory) server and trying to rejoin

Brief description of the problem

I lost my AD server and created a fresh new one. When I came back to Rockstor server, AD is not working. I get everything connected/authenticated and I can even see the Rockstor server in AD. The problem is that I cannot seem to get the user/groups to update with the AD, so I am unable to apply proper AD perms to my shares.

Any ideas?

Detailed step by step instructions to reproduce the problem

  1. Setup AD
  2. Join Rockstor to AD
  3. Destroy AD server
  4. Recreate AD server
  5. Join Rockstor server back to AD server through GUI.
1 Like

Hi @bennysp Ben and Welcome to Rockstor! :sunflower:

Some shell steps to check your current AD join:
net ads testjon -> this should return Join is OK
net ads info -> will return AD DC infos to check if you’re on right server
net ads user -U AD_ADMINISTRATOR -> with your AD Admin instead of AD_ADMINISTRATOR will ask for password and return AD users list

Waiting your feedbacks :slight_smile:

Thanks Mirko.

Looks like everything passed in those commands:

[root@fileserv ~]# net ads testjoin Join is OK [root@fileserv ~]# net ads info LDAP server: LDAP server name: DOMAINSERV01.domain.thedaily.tv Realm: DOMAIN.THEDAILY.TV Bind Path: dc=DOMAIN,dc=THEDAILY,dc=TV LDAP port: 389 Server time: Sun, 23 Apr 2017 11:53:11 PDT KDC server: Server time offset: 0 Last machine account password change: Sun, 23 Apr 2017 09:19:46 PDT [root@fileserv ~]# net ads user -U administrator Enter administrator's password: [list of users]

I should note that the user and group list has retained one of my users and groups that I started to use for perms when the first AD server was setup and working. I cannot figure out how to remove the user or group.

I went into my AD server and mapped the ID of the ones that were still in the Rockstore configuration and I am back working now.

1 Like

Hi @bennysp,
one last question: did you use same AD names? If your answer is “yes” then probably you just had to wait till winbind/samba cache updates (or force it stopping smb & winbind, clearing samba cache with net cache flush + deleting .tdb files, then starting again smb & winbind)

Can we mark this as solved? :slight_smile:



Hi @Flyer,

Yes, I used the same names. Thanks for the information. That was exactly the kind of thing I was looking for. My guess is that would have worked in this scenario too, I just didn’t know the specifics of doing so.

Yes, we can mark as resolved. Thank you for your help!


1 Like

Just a small note:

  • Leave the AD on the local machine
  • Restart all samba services (smb, winbind, etc) or reboot the machine
  • Join the AD again

should get around the duplicated problem.