Hi Everybody,
My OmniOSce CIFS server is joined to AD domain (based on Samba 4 from
Ubuntu). A few days ago some client computers where updated to Win 10
1803 and two users started complaining they cannot access the CIFS
share. I have checked everything and cannot find the problem.
* There is ACL rule for a "employees" AD group allowing access for the
members,
* there are about 20 members and only 2 of them have problem,
* the two accounts CAN connect to another Windows machine via RDP and
are authorized by AD DC (I even changed passwords to check and still
can connect with the new passwords),
* the two accounts cannot access the CIFS share from OmniIOSce server.
When I try to access the server from Ubuntu machine I get the following
with "good_user":
# smbclient -U good_user -L //omnios
Enter test11's password:
Domain=[DOMAIN_NAME] OS=[SunOS 5.11 omnios-r151026-673c5] Server=[Native
SMB service]
Sharename Type Comment
--------- ---- -------
public Disk
c$ Disk Default Share
test1 Disk
test2 Disk
ipc$ IPC Remote IPC
test Disk
Domain=[DOMAIN_NAME] OS=[SunOS 5.11 omnios-r151026-673c5] Server=[Native
SMB service]
Server Comment
--------- -------
Workgroup Master
--------- -------
and with "bad_user" I get
# smbclient -U bad_user -L //omnios
Enter bad_user's password:
session setup failed: NT_STATUS_ACCESS_DENIED
I cannot see any difference between the users. They are members of the
same AD groups. Even the password is the same! It seems like //omnios
does not like the two users (or cannot authorize them). As a workaround
I created two new accounts and they work as a charm. But that is just a
temporary workaround.
I'd be grateful for a hint where to look for the mistake.
With regards
--
Piotr
_______________________________________________
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss
