Access to SMB folders for PCs outside the AD

widuchd

Cadet
Joined
Jan 8, 2020
Messages
5
After updating to FreeNAS-11.2-U7 (previously version U6), I don't have access to network resources (SMB folders) from computers not connected to the AD. However, when trying to connect a resource, the login window shows up, but after entering the domainname\username and password nothing happens. The login window appears once again as if there is no access for this user. On computers in the domain the same login data works fine.
The freenas server is attached to the domain and synchronized with AD.
 

MikeyG

Patron
Joined
Dec 8, 2017
Messages
442
You should be able to authenticate to shares from a non-domain joined PC using the format domain\domain_user or domain_user@domain.
 

widuchd

Cadet
Joined
Jan 8, 2020
Messages
5
So it doesn't work for me. Before the update, it was definitely OK. Any idea what might be wrong?
 

widuchd

Cadet
Joined
Jan 8, 2020
Messages
5
I have the settings as in the attachments.
 

Attachments

  • automatyka_dane.jpg
    automatyka_dane.jpg
    20.1 KB · Views: 279
  • automatyka_pool.jpg
    automatyka_pool.jpg
    20.4 KB · Views: 261
  • main_pool.jpg
    main_pool.jpg
    25.8 KB · Views: 254
  • pool_tree.jpg
    pool_tree.jpg
    14.2 KB · Views: 248
  • smb_dane.jpg
    smb_dane.jpg
    44.7 KB · Views: 247
  • smb_settings_1.jpg
    smb_settings_1.jpg
    33.3 KB · Views: 236
  • smb_settings_2.jpg
    smb_settings_2.jpg
    23 KB · Views: 269

MikeyG

Patron
Joined
Dec 8, 2017
Messages
442
I assume the client is a windows 10 PC? Could you share screenshots of what you are doing and the error?

You've tried making sure credentials are wiped out in credential manager? Have you tried any other Windows 10 devices?

I've also sometimes noticed that smb sessions can get "stuck" in Windows (not sure how to describe this) but often when testing access, I will alternate between the domain name of the server and the IP as this establishes a new session (or reboot). Or try another Windows test machine.

Also check the security permissions of the share in windows to make sure it's what you are expecting.
 

widuchd

Cadet
Joined
Jan 8, 2020
Messages
5
Problem solved. The user name format must be domain_user@domain.
I'm sure that in the earlier (U6) version the system also supported domain\domain_user. It doesn't work in this one.
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,545
Problem solved. The user name format must be domain_user@domain.
I'm sure that in the earlier (U6) version the system also supported domain\domain_user. It doesn't work in this one.
U7 still supports DOMAIN\username. You can run wbinfo -m --verbose to see list of known long-form and short-form domain names.
 
Top