[Samba] accessing foreign AD users to NT domain
Marco Gaiarin
gaio at sv.lnf.it
Tue Aug 25 16:53:00 UTC 2020
Mandi! Rowland penny via samba
In chel di` si favelave...
> Even though your users may have the same username in AD as in the NT4-style
> domain, they are different users, so a few thoughts. You have 'map to guest
> = bad user', so I take it you must have 'guest ok = yes' set in the shares
> (you haven't shown us the shares), so try changing 'bad user' to 'bad
> password'.
Interesting. But my server had 'map to guest = Bad User', and worked.
Anyway, it is worth a try...
> The only other thing I can think of at the moment is to remove
> 'winbind use default domain = yes'
It was a try, i think in NT mode don't bother at all.
Paolo, if possible:
a) your client OS is Win10 or Win7? I don't remember if you have
specified it.
If possible, use Win7. If not, make sure ti have smb1 enabled, but also
this:
- https://support.microsoft.com/en-gb/help/4046019/guest-access-in-smb2-disabled-by-default-in-windows-10-and-windows-ser
b) you have tried to mount shares using IP and not names? EG, try
please:
net use g: \\1.2.3.4\share /persistent:yes
c) follow the hint by Louis, eg try to explicit the login in domainful
way:
net use g: \\server.fqdn.tld\share /persistent:yes /user:NT4DOM\%username%
(i think that this WILL HAVE to work!)
If possible, for every try enable log (samba and windows) and post result.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list