I am trying to join the TrueNAS to the internal AD, but it keeps failing to join the domain with the error below.
I captured the network trace on the DC and found that the SRV and A records were resolved correctly, but the NAS tried to resolve the PTR record of the DC, which doesn't exist in the AD-integrated DNS, and I am not able to create that record in the DNS.
How can I bypass it? I don't understand the logic of this flow.
48 8.346760500 192.168.0.10 192.168.0.111 DNS 82 Standard query 0x7925 SRV _kerberos._tcp.XYZ.LAB
49 8.346855700 192.168.0.111 192.168.0.10 DNS 128 Standard query response 0x7925 SRV _kerberos._tcp.XYZ.LAB SRV 0 100 88 dc.xyz.lab A 192.168.0.111
50 8.348097200 192.168.0.10 192.168.0.111 DNS 75 Standard query 0x847b A truenas.XYZ.LAB
51 8.348120700 192.168.0.10 192.168.0.111 DNS 75 Standard query 0x9d85 AAAA truenas.XYZ.LAB
52 8.348172800 192.168.0.111 192.168.0.10 DNS 132 Standard query response 0x847b No such name A truenas.XYZ.LAB SOA dc.xyz.lab
53 8.348187700 192.168.0.111 192.168.0.10 DNS 132 Standard query response 0x9d85 No such name AAAA truenas.XYZ.LAB SOA dc.xyz.lab
54 8.366591000 192.168.0.10 192.168.0.111 DNS 86 Standard query 0x5079 PTR 111.0.168.192.in-addr.arpa
63 12.468684600 192.168.0.10 192.168.0.111 DNS 86 Standard query 0x5079 PTR 111.0.168.192.in-addr.arpa
71 16.312350400 192.168.0.111 192.168.0.10 DNS 86 Standard query response 0x5079 Server failure PTR 111.0.168.192.in-addr.arpa
76 16.670310100 192.168.0.10 192.168.0.111 DNS 86 Standard query 0x5079 PTR 111.0.168.192.in-addr.arpa
81 19.937388900 192.168.0.111 192.168.0.10 DNS 86 Standard query response 0x5079 Server failure PTR 111.0.168.192.in-addr.arpa
84 19.937827000 192.168.0.10 192.168.0.111 ICMP 114 Destination unreachable (Port unreachable)
90 24.468669000 192.168.0.111 192.168.0.10 DNS 86 Standard query response 0x5079 Server failure PTR 111.0.168.192.in-addr.arpa
I don't understand why you cannot create PTR records in your AD's integrated DNS server. Did you not create the SRV records? I've been trying to join my TrueNAS to an SMB 4 AD and am having issues as well. In my configuration, I have all the SRV and PTR records in DNS, but TrueNAS complains about not finding my PDC. I have a Windows 11 client that successfully joined, and I can log in using my AD account. I'm still troubleshooting my setup with respect to TrueNAS.
Thanks! Issue fixed by creating the PTR record for the DC in the reverse lookup zone. Based on my knowledge of Windows clients, they don't need a PTR record to join a domain, so the AD-integrated DNS doesn't have a reverse lookup zone or PTR record created by default.
I would suggest that the TrueNAS team mention in the wiki that the PTR record for the DC is required to join the domain.
You can submit Feedback on the documents by using the Blue Feedback button that should be on the right side. Just browse to the section you think needs improvement and submit screenshots or suggestions.
AD join failures on TrueNAS almost always come down to DNS. The TrueNAS box needs to resolve SRV records for your AD domain. Quick checklist from the TrueNAS shell:
(1) nslookup your.domain.local - should return the DC IP
(2) nslookup -type=srv _ldap._tcp.your.domain.local - should return an SRV record pointing to your DC
(3) ping your DC by hostname
If any of those fail, fix DNS first. Set your DNS server in TrueNAS Network settings to point directly at your domain controller IP, not a public DNS like 8.8.8.8. Also verify time sync: run date on TrueNAS and compare it with your DC; they need to be within 5 minutes.
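The checklist above covers the forward lookups, but the capture in the first post failed on the reverse lookup: the PTR query for the DC came back "Server failure" (RCODE 2), which is different from NXDOMAIN (RCODE 3, "the name is known not to exist"). The following stdlib-only checker is an added example, not code from the thread or from TrueNAS; it builds the same PTR query the capture shows and classifies the DC's answer so you can tell "no reverse zone / DC could not answer" apart from "zone exists, record missing". The IPs and the transaction id 0x5079 are taken from the capture; run it from the TrueNAS shell against your own DC.

```python
import socket
import struct

# RCODE values from RFC 1035; the capture above shows RCODE 2 (SERVFAIL)
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
QTYPE_PTR = 12  # other useful values: 1 = A, 33 = SRV

def ptr_name(ip: str) -> str:
    """192.168.0.111 -> 111.0.168.192.in-addr.arpa (IPv4 only)."""
    octets = ip.split(".")
    if len(octets) != 4:
        raise ValueError("IPv4 address expected")
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def build_query(name: str, qtype: int, txid: int = 0x5079) -> bytes:
    """Standard query (QR=0, RD=1), one question, class IN, no EDNS."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def classify(response: bytes, txid: int) -> str:
    """Read only the 12-byte header: id, flags, counts. Answers are not parsed."""
    rid, flags, _qdcount, ancount = struct.unpack("!HHHH", response[:8])
    if rid != txid:
        return "MISMATCHED_ID"      # not our answer; ignore it
    rcode = RCODES.get(flags & 0x000F, "RCODE_%d" % (flags & 0x000F))
    if rcode == "NOERROR" and ancount > 0:
        return "PTR_PRESENT"        # reverse zone and record both exist
    if rcode == "NXDOMAIN":
        return "PTR_MISSING"        # server is authoritative, record absent
    if rcode == "SERVFAIL":
        return "SERVFAIL"           # what the capture shows: DC could not answer
    return rcode

def check_ptr(dc_ip: str, dns_server: str, timeout: float = 5.0) -> str:
    """Send one PTR query for dc_ip to dns_server over UDP/53 and classify it."""
    txid = 0x5079
    query = build_query(ptr_name(dc_ip), QTYPE_PTR, txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (dns_server, 53))
        data, _peer = sock.recvfrom(512)
    return classify(data, txid)

if __name__ == "__main__":
    # Values from the capture: DC 192.168.0.111 is also the DNS server.
    print(check_ptr("192.168.0.111", "192.168.0.111"))
```

A result of SERVFAIL matches the thread's symptom (no reverse lookup zone on the DC); PTR_MISSING means the zone exists and only the DC's record needs to be added.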