Napp-It: Active Directory tab totally blank in 18.12 OmniOS 151030

AveryFreeman

ESXi + ( ILLUMOS / ZFS ) = HAPPY
Mar 17, 2017
159
19
18
38
Near Seattle
averyfreeman.com
Hey,

Just upgraded to 151030 and noticed this message:

upload_2019-6-2_2-31-16.png

I also keep getting stuff like this:

upload_2019-6-2_2-31-59.png

smbd: smb_domain_getinfo: no DC info

My 'Active Directory' tab leads to a completely blank menu where I can't configure anything

I also just upgraded to Napp-It 18.12

Not sure which upgrade to attribute the errors to, although I think I noticed the smb complaint before I installed Napp-it 18.12.

Any ideas?

Edit:

Darn, my last message was deleted before I hit send. I got the following messages following a solaris guide:

Code:
ntpq: read: Connection refused

root@napp-it01:/etc/inet# kclient -T ms_ad

Starting client setup
---------------------------------------------------
Setting up /etc/krb5/krb5.conf.
Attempting to join 'NAPP-IT01' to the 'WEBTOOL.SPACE' domain.
Password for Administrator@WEBTOOL.SPACE:
Forest name found: webtool.space
Site name not found.  Local DCs/GCs will not be discovered.
Creating the machine account in AD via 
Failed to create the AD object via LDAP.
---------------------------------------------------
Setup FAILED.
Here's the guide I was following:

Chapter 16 Setting Up Solaris Active Directory Clients (System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP))

I re-installed kerberos-5 (there wasn't a package for it installed, but there were all the signs of it being there - config files, etc.) so that was odd. Checked the usual nsswitch.conf, krb5.conf, resolv.conf, ntp.conf, etc. All seemed OK

But the Napp-it window populated after a while and it accepted my config and now my file shares appear to be working again.

Any idea why kclient wouldn't work, though? That's odd...

Thanks!
 
Last edited:

DedoBOT

Member
Dec 24, 2018
38
5
8
Dns related for first glance. I had same gss minor/major errors when messed my win dns server and dns suffixes became unresolvable. The unix wasn't domain member, errors popped when win client is trying to connect to smb share only via dns suffix. With ip was fine. Mitigate it with 5mins WINS server setup , cause i was on hurry. Few days latter had time to fix the dns issue.
 

gea

Well-Known Member
Dec 31, 2010
2,438
818
113
DE
1.
OmniOS comes with new defaults and a different location fot system defaults like sata hotplug and timeout. A setting of them in /etc/system gives a warning about double entries

omniosorg/omnios-build

A default set of system default parameters are now installed in /etc/system.d/_omnios:system:defaults. These can be overidden if necessary by creating additional local files under /etc/system.d/.


2
about AD
I have had no problems joining AD with OmniOS151030 and napp-it 18.12
in menu Services > SMB > Active Directory
 

AveryFreeman

ESXi + ( ILLUMOS / ZFS ) = HAPPY
Mar 17, 2017
159
19
18
38
Near Seattle
averyfreeman.com
@gea:

Not sure what you're saying in regards to system settings, I do understand that OmniOS and Solaris are different OS, but due to the lack of OmniOS documentation piecing together what to do from Solaris docs is often required.

What does that have to do with AD or Napp-It, though?

Also, I do seem to have an AD connection but my console is still churning out error messages. Surprisingly, nothing in the last few hours, so that's good:

upload_2019-6-3_6-37-4.png

As you can see from this photo, this is a very old VM frankensteined from an OVA. I've created new VMs a couple times using the OmniOS ISO but never gotten around to moving all my settings in order to put it into production. I should probably just get around to that at some point, but I just haven't needed to since the OS has been remarkably stable. I got my first random reset during the 151030 upgrade after having this thing on serving files constantly since July 2018.

I enjoy fixing the problems it does have, though, in order to try and become more familiar with Illumos, which I personally feel is quite different in terms of syntax and layout than what I'm used to.

One thing that might be of interest is this message I get when running kclient by itself:

Code:
root@napp-it01:~# kclient

Can not create directory: /var/run/kclient
Permissions issue?
 

gea

Well-Known Member
Dec 31, 2010
2,438
818
113
DE
The relevant log seems "failed to locate AD server".
Is your AD connection working (can you refer to AD user on file permissions)?

btw
I asumed that your note about "empty active directory tab" was related to the napp-it menu Services > SMB > AD where you join the AD

Manuals
in general you can use the Solaris manuals up to for Solaris 11.2 that are quite accurate for Illumos.
Search for ex at Oracle Solaris 11.1 Information Library Updated: 2014-02-06