Troubleshooting Tip: Local Winbind configuration fails to start
Description
This article describes how to solve an issue that occurs when the service fails to start while configuring Local Winbind in the Administration UI under Network -> RADIUS-> Winbind tab -> Create New.
Scope
FortiNAC and FortiNAC-F.
Solution
Join the domain before enabling the Winbind service:
- Configure the following:
- Local NetBIOS Name.
- Domain NetBIOS Name (Note: NetBIOS Name must be in upper Case, 'HALAB').
- Kerberos Realm Name (HALAB.LOCAL).
- Domain Controller Hostname.
- Select Save Settings.
- Select Join Domain.
- Select Enable Service.
Notes:
- Since domain joining runs on Kerberos and Kerberos is time-sensitive, ensure the FortiNAC appliance is in sync with DC time: configure the FortiNAC to use the same NTP server as DC.
- If FortiNAC is in High Availability (HA), ensure the Secondary (HA) NetBIOS Name is configured. Otherwise, the secondary will not be able to join the domain upon failover.
For more details on the fields in this view, see Winbind in the Administration Guide.