Hi all,
We are running a samba/openldap network. Freenas has to be part of that domain, and share certain folders over cifs. We started using this since version 8 betas, and it stopped working since version 8.0.3.
In short, this is what I have done:
- create a fresh freenas install
- configure ssh and ldap client
-> works, ldap users can logon via ssh
Then I configured cifs:
- authentication model: local user
- netbiosname: I choose 'NAS'
- workgroup: our nt4 domain name
- unchecked local master
- unchecked time server
- checked allow guest access
- unchecked only allow guest access
Now, when starting cifs, to my surprise I noticed that freenas creates a new samba domain in my ldapdirectory, called NAS. (it's own netbios name)
(new domain, with a new random sid) This was unexpected: I don't want a new domain, I want freenas to participate in our existing domain.
It also doesn't work, because when connecting from winxp, we see the following error: "A device attached to the system is not functioning." and we cannot access any shares.
In the samba logs, we see:
The primary group domain sid (S-1-5-21-3982698809-*********-1300696210-513) does not match the domain sid (S-1-5-21-90839350-yyyyyyyyy-868425949) for username (S-1-5-21-90839350-yyyyyyyyy-868425949-3028)
We can obviously see that they don't match: username & domain sid are for our current domain, and primary group domain sid is for the NEW domain that freenas created in ldap.
So, am I missing something obvious? Is this not the way to integrate freenas in an existing domain? In freenas 8.0.3, samba was upgraded from 3.5.11 to 3.6.1, this probably has to do with the new behaviour...
Any clues here?
Thanks in advance!
We are running a samba/openldap network. Freenas has to be part of that domain, and share certain folders over cifs. We started using this since version 8 betas, and it stopped working since version 8.0.3.
In short, this is what I have done:
- create a fresh freenas install
- configure ssh and ldap client
-> works, ldap users can logon via ssh
Then I configured cifs:
- authentication model: local user
- netbiosname: I choose 'NAS'
- workgroup: our nt4 domain name
- unchecked local master
- unchecked time server
- checked allow guest access
- unchecked only allow guest access
Now, when starting cifs, to my surprise I noticed that freenas creates a new samba domain in my ldapdirectory, called NAS. (it's own netbios name)
(new domain, with a new random sid) This was unexpected: I don't want a new domain, I want freenas to participate in our existing domain.
It also doesn't work, because when connecting from winxp, we see the following error: "A device attached to the system is not functioning." and we cannot access any shares.
In the samba logs, we see:
The primary group domain sid (S-1-5-21-3982698809-*********-1300696210-513) does not match the domain sid (S-1-5-21-90839350-yyyyyyyyy-868425949) for username (S-1-5-21-90839350-yyyyyyyyy-868425949-3028)
We can obviously see that they don't match: username & domain sid are for our current domain, and primary group domain sid is for the NEW domain that freenas created in ldap.
So, am I missing something obvious? Is this not the way to integrate freenas in an existing domain? In freenas 8.0.3, samba was upgraded from 3.5.11 to 3.6.1, this probably has to do with the new behaviour...
Any clues here?
Thanks in advance!