Hey All,
This might be a bit of an unusual question but perhaps someone here has
seen this scenario.
As per the subject says, user [email protected] can mount Samba share in Win
10. Same share fails to mount on a Mac using same user.
Appears Mac's insist on interpreting the UPN [email protected] as
<USER>@<HOST> instead of just considering the entire string,
"[email protected]" as a user.
Tried both the Mac UI and command line using such things as:
mount_smbfs -d 5 "//MDS.XYZ;joe:<PASS>@192.168.0.125/NFS-joe" /samba/
but the attempt fails to mount instead giving:
[2020/02/25 00:38:25.979467, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2020/02/25 00:38:25.979543, 3]
../source3/auth/check_samsec.c:399(check_sam_security)
check_sam_security: Couldn't find user 'joe' in passdb.
[2020/02/25 00:38:25.979614, 2]
../source3/auth/auth.c:334(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [joe] -> [joe] FAILED
with error NT_STATUS_NO_SUCH_USER, authoritative=1
[2020/02/25 00:38:25.979779, 2]
../auth/auth_log.c:476(log_authentication_event_human_readable)
Auth: [SMB2,(null)] user [MDS.XYZ]\[joe] at [Tue, 25 Feb 2020
00:38:25.979710 EST] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER]
workstation [MACBOOKPRO-0138] remote host [ipv4:192.168.0.206:52695]
mapped to [MDS.XYZ]\[joe]. local host [ipv4:192.168.0.125:445]
[2020/02/25 00:38:25.980276, 2]
../lib/audit_logging/audit_logging.c:141(audit_log_json)
JSON Authentication: {"timestamp": "2020-02-25T00:38:25.980017-0500",
"type": "Authentication", "Authentication": {"version": {"major": 1,
"minor": 0}, "status": "NT_STATUS_NO_SUCH_USER", "localAddress":
"ipv4:192.168.0.125:445", "remoteAddress": "ipv4:192.168.0.206:52695",
"serviceDescription": "SMB2", "authDescription": null, "clientDomain":
"MDS.XYZ", "clientAccount": "joe", "workstation": "MACBOOKPRO-0138",
"becameAccount": null, "becameDomain": null, "becameSid": null,
"mappedAccount": "joe", "mappedDomain": "MDS.XYZ", "netlogonComputer":
null, "netlogonTrustAccount": null, "netlogonNegotiateFlags":
"0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid":
null, "passwordType": "NTLMv2", "duration": 9826}}
[2020/02/25 00:38:25.980420, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx)
SSSD is configured on the NFS03 servers from which Samba is running.
Authentication works fine on all hosts with SSSD. SSSD in turn is
connected to FreeIPA.
Wondering if anyone has seen this scenario and remembers what the
possible solution may have been to get said mounts working on a Mac?
--
Thx,
TK.
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
