Problem Accessing Shares from Domain Controller

B

BAENetworks

Cadet
Joined
May 3, 2018
Messages
2
We've got 6 windows servers, all running Windows Server 2016. Two are AD domain controllers and 4 are all member servers doing other things, sql, term server, etc. We use shadowprotect to do all server backups. We setup a new freenas server and did not join to domain, just using local user-id. The four non-DCs can connect to the shares on the freenas via shadowprotect destination, using freenasname\username and password just fine. The two DCs can't connect no matter what I try to use as domain\username and pwd. I've tried freenas ip as domain, freenas.domain.local, everything i can think of, still no go. I'm new to freenas. Where can i see the logs on the freenas side to try and troubleshoot. I'm using the gui and don't see anything regarding logs.

Thanks, Jerry
 
B

BAENetworks

Cadet
Joined
May 3, 2018
Messages
2
Tried that as well with no luck. Can't figure out what is different about a DC.
Also tried all of these from administrative command prompt:

net use * \\freenas\backup password /user:freenas\userid
net use * \\freenas\backup password /user:userid
net use * \\freenas\backup password /user:.\userid
net use * \\10.x.x.x\backup password /user:.\userid
net use * \\10.x.x.x\backup password /user:10.x.x.x\userid

Get this back everytime:

System error 86 has occurred.
The specified network password is not correct.

Thanks, Jerry
 
F

fbelanger

Cadet
Joined
Mar 18, 2020
Messages
2
Hi,

I found what was the error. In the default domain controllers Policy we a setting enabled called Network security: LAN Manager authentication level under Computer configuration > Policies > Windows Settings > Seucirty Settings > Local Policies > Security Option
The setting was set to send NTLM response only and i had to switch it to Send NTLMv2 response only.
Sync AD
And there you go, it should works fine.
If this setting is not configured in your GPO you can find it in your Local Policies as well. But since all your AD had the same problem, you probably have the same config in your Default DC policy.
 
You must log in or register to reply here.

Similar threads

B
  • Locked
Connect to Domain
Replies
4
Views
6K
andrew.p
A
V
  • Locked
SMB language windows problem
Replies
13
Views
1K
bigphil
bigphil
M
  • Locked
Connecting to guest share with a domain PC
Replies
1
Views
1K
dlavigne
D
n8lbv
Can't connect to SMB share from Windows 2012 R2 server ACCESS DENIED.
Replies
15
Views
6K
vartha
V
alkyred
Windows Share on 11.2-U5 not Available On Domain Joined Windows
Replies
1
Views
1K
alkyred
alkyred
Top