[OmniOS-discuss] CIFS Issues
I didn't see this message until it came through on the digest. I have a working system now albeit, its a cludge. The person who suggested using a DNS alias gets a beer. I took this idea and did further troubleshooting and found that if the hostname is in AD, I get the error message. If I remove it from AD and reboot the client, it works. There is no discernible difference between using Napp-it and not. I get the same result either way. I also find it curious that all my shares are now forcibly in lower case. My Documents share comes in as documents. No big deal, but strange. Thank you for the suggestions and I am all ears if you have anything further. Message: 4 Date: Thu, 14 May 2015 13:15:56 +0200 From: G?nther Alka To: omnios-discuss Subject: Re: [OmniOS-discuss] CIFS Issues Message-ID: <84bd5b5f-1490-40ab-b176-4991062be...@hfg-gmuend.de> Content-Type: text/plain; charset=us-ascii Matthew As you use napp-it and as I have many OmniOS SMB filers in an AD environment without such problems can to compare what happens when you use napp-it to join the domain instead doing manually (menu Services >> SMB >> Active Directory) Gea > > >> On May 13, 2015, at 6:45 PM, Matthew McGee wrote: >> >> Interesting. Using the trailing "." for an absolute FQDN works. >> Any hints on how to make it work without the full FQDN? >> I assume it's probably a kerberos related issue? ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] CIFS Issues
Matthew As you use napp-it and as I have many OmniOS SMB filers in an AD environment without such problems can to compare what happens when you use napp-it to join the domain instead doing manually (menu Services >> SMB >> Active Directory) Gea > > >> On May 13, 2015, at 6:45 PM, Matthew McGee wrote: >> >> Interesting. Using the trailing "." for an absolute FQDN works. >> Any hints on how to make it work without the full FQDN? >> I assume it's probably a kerberos related issue? > ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] CIFS Issues
> On May 13, 2015, at 6:45 PM, Matthew McGee wrote: > > Interesting. Using the trailing "." for an absolute FQDN works. > Any hints on how to make it work without the full FQDN? > I assume it's probably a kerberos related issue? I'd suggest asking the illumos mailing list (discussion or developer). The SMB experts in illumos all work at Nexenta. Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] CIFS Issues
Interesting. Using the trailing "." for an absolute FQDN works. Any hints on how to make it work without the full FQDN? I assume it's probably a kerberos related issue? On Wed, May 13, 2015 at 8:10 AM, Dominik Hassler wrote: Did you try to end your FQDN with a trailing dot? > > like: 'DATA.HOME.example.net.' in your example? > > > Gesendet: Mittwoch, 13. Mai 2015 um 13:40 Uhr > Von: "Matthew McGee" > An: omnios-discuss@lists.omniti.com > Betreff: [OmniOS-discuss] CIFS Issues > > I am attempting to migrate my CIFS shares from FreeNAS to OmniOS. > I have attempted a number of different installs and for now I am working > in a VM > for speed of reboots and testing. > > I have Windows 2012 AD, and a number of Mac OSX & Windows 7 clients. > > Server name = DATA > Domain HOME.example.net[http://HOME.example.net] > I install the system, configure the IP of > 10.0.1.230/8[http://10.0.1.230/8], set and test route, create a base boot > environmentand a CIFS boot environment. Reboot into the CIFS boot > environment. > I have attempted going straight to Napp-it and I have tried manual > initialization as follows: > verify /etc/hosts and /etc/nodename entries > Verify AD DNS > verify system is using AD DNS server only > nslookup to verify forward & reverse entries are functional and resolve on > the host > pkg install kerberos-5# Tried with and without this setting > sharectl set -p ddns_enable=true > klcient -T ms_ad > kinit Administrator > klist & verify output > svcadm enable -r smb/server > > smbadm join -u Administrator > Successful join > smbadm list shows my domain. > Verified kerberos delegation is allowed on the AD side. > vi /etc/nsswitch.conf and add "ad" to passwd & group lines > Have also tried adding smb line to pam > > > Both of the following produce valid output > touch foo && chown myu...@home.example.net[myu...@home.example.net] && ls > -l foo > id myuser@HOME # Although this doesn't show all my groups > create a zfs filesystem and corresponding share called documents > > root@data:/root# smbutil view //myuser@DATA > Password: > ShareType Comment > --- > c$ disk Default Share > documentsdisk > IPC$ IPCRemote IPC > vss$ disk VSS > > 4 shares listed from 4 available > > When I attempt to access from a Windows 7 host, I see the following: > > \\DATA is not accessible. You might not have permission to use this > network resource. > Contact the administrator of this server to find out if you have access > permissions. > The account is not authorized to log in from this station. > > > \\10.0.1.230 - Works, I can set permissions, read & write files > > Neither the netbios nor FQDN function, but it functions by IP. > > Samba on FreeNAS or Fedora works without issues, but I need working FC and > comstar will do that for me. > I cannot seem to get the CIFS piece working and it is the one thing > preventing me from moving forward. > Any assistance would be appreciated. I hate asking for help but I've been > working on this every night for a month > and I know there must be one little thing I am missing, maybe a > GPO?___ OmniOS-discuss mailing > list OmniOS-discuss@lists.omniti.com > http://lists.omniti.com/mailman/listinfo/omnios-discuss[http://lists.omniti.com/mailman/listinfo/omnios-discuss] > ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] CIFS Issues
I ran into the same issue when setting up my home server. Access to CIFS works by IP but not name. I ended up setting up a second IP address and created a DNS entry with a different name for that IP. I have no idea why it works but it does. Aaron On Wed, May 13, 2015 at 6:10 AM, Dominik Hassler wrote: > Did you try to end your FQDN with a trailing dot? > > like: 'DATA.HOME.example.net.' in your example? > > > Gesendet: Mittwoch, 13. Mai 2015 um 13:40 Uhr > Von: "Matthew McGee" > An: omnios-discuss@lists.omniti.com > Betreff: [OmniOS-discuss] CIFS Issues > > I am attempting to migrate my CIFS shares from FreeNAS to OmniOS. > I have attempted a number of different installs and for now I am working > in a VM > for speed of reboots and testing. > > I have Windows 2012 AD, and a number of Mac OSX & Windows 7 clients. > > Server name = DATA > Domain HOME.example.net[http://HOME.example.net] > I install the system, configure the IP of > 10.0.1.230/8[http://10.0.1.230/8], set and test route, create a base boot > environmentand a CIFS boot environment. Reboot into the CIFS boot > environment. > I have attempted going straight to Napp-it and I have tried manual > initialization as follows: > verify /etc/hosts and /etc/nodename entries > Verify AD DNS > verify system is using AD DNS server only > nslookup to verify forward & reverse entries are functional and resolve on > the host > pkg install kerberos-5# Tried with and without this setting > sharectl set -p ddns_enable=true > klcient -T ms_ad > kinit Administrator > klist & verify output > svcadm enable -r smb/server > > smbadm join -u Administrator > Successful join > smbadm list shows my domain. > Verified kerberos delegation is allowed on the AD side. > vi /etc/nsswitch.conf and add "ad" to passwd & group lines > Have also tried adding smb line to pam > > > Both of the following produce valid output > touch foo && chown myu...@home.example.net[myu...@home.example.net] && ls > -l foo > id myuser@HOME # Although this doesn't show all my groups > create a zfs filesystem and corresponding share called documents > > root@data:/root# smbutil view //myuser@DATA > Password: > ShareType Comment > --- > c$ disk Default Share > documentsdisk > IPC$ IPCRemote IPC > vss$ disk VSS > > 4 shares listed from 4 available > > When I attempt to access from a Windows 7 host, I see the following: > > \\DATA is not accessible. You might not have permission to use this > network resource. > Contact the administrator of this server to find out if you have access > permissions. > The account is not authorized to log in from this station. > > > \\10.0.1.230 - Works, I can set permissions, read & write files > > Neither the netbios nor FQDN function, but it functions by IP. > > Samba on FreeNAS or Fedora works without issues, but I need working FC and > comstar will do that for me. > I cannot seem to get the CIFS piece working and it is the one thing > preventing me from moving forward. > Any assistance would be appreciated. I hate asking for help but I've been > working on this every night for a month > and I know there must be one little thing I am missing, maybe a > GPO?___ OmniOS-discuss mailing > list OmniOS-discuss@lists.omniti.com > http://lists.omniti.com/mailman/listinfo/omnios-discuss[http://lists.omniti.com/mailman/listinfo/omnios-discuss] > ___ > OmniOS-discuss mailing list > OmniOS-discuss@lists.omniti.com > http://lists.omniti.com/mailman/listinfo/omnios-discuss > ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] CIFS Issues
Did you try to end your FQDN with a trailing dot? like: 'DATA.HOME.example.net.' in your example? Gesendet: Mittwoch, 13. Mai 2015 um 13:40 Uhr Von: "Matthew McGee" An: omnios-discuss@lists.omniti.com Betreff: [OmniOS-discuss] CIFS Issues I am attempting to migrate my CIFS shares from FreeNAS to OmniOS. I have attempted a number of different installs and for now I am working in a VM for speed of reboots and testing. I have Windows 2012 AD, and a number of Mac OSX & Windows 7 clients. Server name = DATA Domain HOME.example.net[http://HOME.example.net] I install the system, configure the IP of 10.0.1.230/8[http://10.0.1.230/8], set and test route, create a base boot environmentand a CIFS boot environment. Reboot into the CIFS boot environment. I have attempted going straight to Napp-it and I have tried manual initialization as follows: verify /etc/hosts and /etc/nodename entries Verify AD DNS verify system is using AD DNS server only nslookup to verify forward & reverse entries are functional and resolve on the host pkg install kerberos-5# Tried with and without this setting sharectl set -p ddns_enable=true klcient -T ms_ad kinit Administrator klist & verify output svcadm enable -r smb/server smbadm join -u Administrator Successful join smbadm list shows my domain. Verified kerberos delegation is allowed on the AD side. vi /etc/nsswitch.conf and add "ad" to passwd & group lines Have also tried adding smb line to pam Both of the following produce valid output touch foo && chown myu...@home.example.net[myu...@home.example.net] && ls -l foo id myuser@HOME # Although this doesn't show all my groups create a zfs filesystem and corresponding share called documents root@data:/root# smbutil view //myuser@DATA Password: Share Type Comment --- c$ disk Default Share documents disk IPC$ IPC Remote IPC vss$ disk VSS 4 shares listed from 4 available When I attempt to access from a Windows 7 host, I see the following: \\DATA is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The account is not authorized to log in from this station. \\10.0.1.230 - Works, I can set permissions, read & write files Neither the netbios nor FQDN function, but it functions by IP. Samba on FreeNAS or Fedora works without issues, but I need working FC and comstar will do that for me. I cannot seem to get the CIFS piece working and it is the one thing preventing me from moving forward. Any assistance would be appreciated. I hate asking for help but I've been working on this every night for a month and I know there must be one little thing I am missing, maybe a GPO?___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss[http://lists.omniti.com/mailman/listinfo/omnios-discuss] ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
[OmniOS-discuss] CIFS Issues
I am attempting to migrate my CIFS shares from FreeNAS to OmniOS. I have attempted a number of different installs and for now I am working in a VM for speed of reboots and testing. I have Windows 2012 AD, and a number of Mac OSX & Windows 7 clients. Server name = DATA Domain HOME.example.net I install the system, configure the IP of 10.0.1.230/8, set and test route, create a base boot environment and a CIFS boot environment. Reboot into the CIFS boot environment. I have attempted going straight to Napp-it and I have tried manual initialization as follows: verify /etc/hosts and /etc/nodename entries Verify AD DNS verify system is using AD DNS server only nslookup to verify forward & reverse entries are functional and resolve on the host pkg install kerberos-5 # Tried with and without this setting sharectl set -p ddns_enable=true klcient -T ms_ad kinit Administrator klist & verify output svcadm enable -r smb/server smbadm join -u Administrator Successful join smbadm list shows my domain. Verified kerberos delegation is allowed on the AD side. vi /etc/nsswitch.conf and add "ad" to passwd & group lines Have also tried adding smb line to pam Both of the following produce valid output touch foo && chown myu...@home.example.net && ls -l foo id myuser@HOME # Although this doesn't show all my groups create a zfs filesystem and corresponding share called documents root@data:/root# smbutil view //myuser@DATA Password: ShareType Comment --- c$ disk Default Share documentsdisk IPC$ IPCRemote IPC vss$ disk VSS 4 shares listed from 4 available When I attempt to access from a Windows 7 host, I see the following: \\DATA is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The account is not authorized to log in from this station. \\10.0.1.230 - Works, I can set permissions, read & write files Neither the netbios nor FQDN function, but it functions by IP. Samba on FreeNAS or Fedora works without issues, but I need working FC and comstar will do that for me. I cannot seem to get the CIFS piece working and it is the one thing preventing me from moving forward. Any assistance would be appreciated. I hate asking for help but I've been working on this every night for a month and I know there must be one little thing I am missing, maybe a GPO? ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
