Well I’m convinced it’s not a DNS issue now. I was looking at /usr/lib/python3/dist-packages/middlewared/plugins/directoryservices_/activedirectory_join_mixin.py and I see their using the samba libads library to get the Active Directory configuration. I think under the hood this SMBcmd.Net call is using ‘net ads info’ which fails because it doesn’t know the kerberos realm. I edited my /etc/smb4.conf and added ‘realm = MY_AD_DOMAIN and now ‘net ads info’ works and I get past the original error looking up the domain controller. I’m also now able to ‘kinit’ on the NAS to get a kerberos ticket from the Domain Controller. But now, both the TrueNAS GUI and ‘net ads join’ CLI command fails complaining that I can only join from the domain PDC. Of course restarting SMB on the NAS wipes out my manual additions to smb4.conf.
Is anyone able to join TrueNAS scale to an Active Directory domain? I’m no expert at this and am not familiar with this samba libads but it seems to me there is some chicken or egg kind of problems with this join process. However, I’m not ruling out that I’m doing something stupid 