Does 11.3-U2 still user smbusers?

[Aikidoka]

I just set up my first FreeNAS box this evening and am running into the Microsoft Account issue. My understanding is there should be a /usr/local/etc/smbusers file that maps my MS account e-mail address to the username in FreeNAS. When I created my account in FreeNAS I checked the Microsoft Account box and made sure to specify my e-mail. My install does not have an smbusers file and I have to manually authenticate using the username in FreeNAS. I also do not see the user map parameter in the smb4.conf file. I do not see an additional step in the docs other than checking the Microsoft Account box. Most of my searches are coming up with older information or fixes for specifying home drives. I am using the shell in the Web GUI when checking for smbusers. I do see smbusername.map but there are no entries there. Did the file to check for the mappings change?

 

[Aikidoka]

Here is the testparm output. I do not see the username map parameter. I thought that was a default setting. Trying to find out if have forgotten to toggle something.

Code:

root@freenas[~]# testparm -s
Load smb config files from /usr/local/etc/smb4.conf
Loaded services file OK.
Server role: ROLE_STANDALONE

# Global parameters
[global]
        aio max threads = 2
        bind interfaces only = Yes
        disable spoolss = Yes
        dns proxy = No
        enable web service discovery = Yes
        kernel change notify = No
        load printers = No
        logging = file
        max log size = 51200
        nsupdate command = /usr/local/bin/samba-nsupdate -g
        restrict anonymous = 2
        server min protocol = SMB2_02
        server role = standalone server
        server string = FreeNAS Server
        unix extensions = No
        idmap config *: range = 90000001-100000000
        idmap config * : backend = tdb
        allocation roundup size = 0
        directory name cache size = 0
        dos filemode = Yes
        include = /usr/local/etc/smb4_share.conf


[PlexMedia]
        aio write size = 0
        ea support = No
        mangled names = illegal
        path = /mnt/Ironwolf-01/PlexMediaFiles
        read only = No
        vfs objects = streams_xattr shadow_copy_zfs ixnas
        nfs4:acedup = merge
        nfs4:chown = true

 

[Aikidoka]

I have manually added the following to the Auxiliary Parameters for SMB and I now see my user populated in smbusername.map. Still cannot open the FreeNAS box with my Microsoft Account credentials though. Working on how I can log the attempt.

Code:

username map = /usr/local/etc/smbusername.map
username map cache time = 60

 

[Aikidoka]

The addition of log level = 1 auth_audit:5 to the Auxiliary Parameters allowed me to see that while the mapping worked, it said my password was bad. This was coming from a laptop where I used a PIN to login. I had to log out and log in with my MS account password, which may have been different when I originally set up the PIN. I think Windows still had the old password cached. That laptop can now get into FreeNAS using the MS account. Will test on the original PC next.

 

[Aikidoka]

It is working from my original PC now using my Microsoft Account also. Looks like checking the MS Account box on the user account was not enough on the default install with 11.3-U2. Required additional Auxiliary Parameters for SMB.

 

[anodos]

It is working from my original PC now using my Microsoft Account also. Looks like checking the MS Account box on the user account was not enough on the default install with 11.3-U2. Required additional Auxiliary Parameters for SMB.

It's just a matter of when the username map is being generated. It will be fixed in 11.3-U3. https://github.com/freenas/freenas/pull/4418

You can force regeneration of it by running the command midclt call etc.generate smb_configure (FN 11.3-only)

 

[Aikidoka]

Thanks anodos. That may come in handy when I add additional users.