Hey All,
This might be a bit of an unusual question but perhaps someone here has
seen this scenario.
As per the subject says, user j...@mds.xyz can mount Samba share in Win
10. Same share fails to mount on a Mac using same user.
Appears Mac's insist on interpreting the UPN j...@mds.xyz as
<USER>@<HOST> instead of just considering the entire string,
"j...@mds.xyz" as a user.
Tried both the Mac UI and command line using such things as:
mount_smbfs -d 5 "//MDS.XYZ;joe:<PASS>@192.168.0.125/NFS-joe" /samba/
but the attempt fails to mount instead giving:
[2020/02/25 00:38:25.979467, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2020/02/25 00:38:25.979543, 3]
../source3/auth/check_samsec.c:399(check_sam_security)
check_sam_security: Couldn't find user 'joe' in passdb.
[2020/02/25 00:38:25.979614, 2]
../source3/auth/auth.c:334(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [joe] -> [joe] FAILED
with error NT_STATUS_NO_SUCH_USER, authoritative=1
[2020/02/25 00:38:25.979779, 2]
../auth/auth_log.c:476(log_authentication_event_human_readable)
Auth: [SMB2,(null)] user [MDS.XYZ]\[joe] at [Tue, 25 Feb 2020
00:38:25.979710 EST] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER]
workstation [MACBOOKPRO-0138] remote host [ipv4:192.168.0.206:52695]
mapped to [MDS.XYZ]\[joe]. local host [ipv4:192.168.0.125:445]
[2020/02/25 00:38:25.980276, 2]
../lib/audit_logging/audit_logging.c:141(audit_log_json)
JSON Authentication: {"timestamp": "2020-02-25T00:38:25.980017-0500",
"type": "Authentication", "Authentication": {"version": {"major": 1,
"minor": 0}, "status": "NT_STATUS_NO_SUCH_USER", "localAddress":
"ipv4:192.168.0.125:445", "remoteAddress": "ipv4:192.168.0.206:52695",
"serviceDescription": "SMB2", "authDescription": null, "clientDomain":
"MDS.XYZ", "clientAccount": "joe", "workstation": "MACBOOKPRO-0138",
"becameAccount": null, "becameDomain": null, "becameSid": null,
"mappedAccount": "joe", "mappedDomain": "MDS.XYZ", "netlogonComputer":
null, "netlogonTrustAccount": null, "netlogonNegotiateFlags":
"0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid":
null, "passwordType": "NTLMv2", "duration": 9826}}
[2020/02/25 00:38:25.980420, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx)
SSSD is configured on the NFS03 servers from which Samba is running.
Authentication works fine on all hosts with SSSD. SSSD in turn is
connected to FreeIPA.
Wondering if anyone has seen this scenario and remembers what the
possible solution may have been to get said mounts working on a Mac?
--
Thx,
TK.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
