Edit: I finally got it fixed once i got the winbindd to stay started I was able to leave the domain, then make sure that the computer account was deleted, then i went back through the AD configuration again and got it working , also Kerberos Realms did not have my Domain controllers set in there so I added them in the password servers and admin servers, that allowed me to remove it from the domain.
I have been searching and searching over and over and i can get this figured out… This storage server has been running fine for the last 2 months its been installed. well Last night we had 2 things happen, one for some reason the Domain Admin account expired and it happened at the same time we had a power failure and the battery backup didnt get the machine shutdown it seems like, so it just took a crash… now im having all kinds of issues getting it back into the domain and all the users shares are offline and it seems that everytime I start SMB when i go back to services its off. I think my Kerberos is the problem, can I just delete my computer account and then go back to the AD menu and re add my domain admin password? well that get my account back in and working again. Also I had to start winbindd, here is the error i get on each restart,
" WARNING
Attempt to connect to netlogon share failed with error: [EFAULT] could not obtain winbind interface details: Winbind daemon is not available. could not obtain winbind domain name! failed to call wbcPingDc: Winbind daemon is not available…
2021-08-23 07:26:2"
See the screenshot i took that might help. I hope someone can help me cause all my users shares are not working but all my iscsi ones are…
TIA Screenshot of some of the errors
Trying to figure out exactly where things are crashed… Can you log into the AD computer and reset passwords? If so then I assume you are referring to the account used for Truenas to connect to the AD. If that’s the case, reset the the password for the Truenas account and then go into truenas and edit the AD account and let it resync (force it to resync). That has normally fixed the issues I’ve had, and so far power hits like this haven’t killed me.
If you think it is a config issue, reload your saved config back onto the NAS and see if that helps. But if that truenas account has expired, you still need to fix that issue and it shouldn’t have anything to do with the locked shares.
yes, it was the account that truenas uses to connect to AD that had expired and while that account was expired we had a power outage and the server stayed up on batt backup but the shutdown procedure didnt work when the batt got to 10%, so when it came back up it could not auth to AD. and that then cascaded into one problem after another… so I had to fix my AD first and also in powershell run get-smbserverconfiguration to resolve so things that i think another admin made changes too with good intentions but cause more problems… in the end i removed the server from AD rebooted clean with out an AD connector and then went back through the process and now everyone is happy, Its funny admins save the day but never get recognition. Its just expected to be able to fix everything that can ever happen and do it in 5 mins… even though the people that are like that are usually perfect examples of the Peter Principle
I will say that the AD integration in Truenas is still it bit “funny” when things don’t go 100% correctly. Resetting the password in AD and in Truenas followed by resyncing should have been enough to make it work, but I haven’t always had luck with this either.