Openfiler AD integration and controlled access

active-directory authentication samba openfiler
6,280

I have resolved the issue, though understanding is still lacking.

It turns out that if you access the SMB share through the NETBIOS name entered in Openfiler's SMB / CIFS Setup screen, Vista is happy.

Doing the same using the IP address does not work.

Most perplexingly, I have a Windows Server 2003 machine (not on the domain) that behaves the other way around, i.e. access is only allowed through the IP address and not through the NETBIOS name.

Share:
6,280

Related videos on Youtube

Hans Malherbe
Author by

Hans Malherbe

Updated on September 17, 2022

Comments

  • Hans Malherbe
    Hans Malherbe over 1 year

    I integrated Openfiler with an Active Directory.

    I configured a SMB/CIFS share as Controlled Access and set domain admins = PG and domain users = RO. This should give domain users readonly access to the share.

    When I open a share from a Vista machine on the domain everything works.

    When I try to open the share from a Vista machine that is not on the domain I get the login prompt as expected, but no matter what I enter, I get a message

    \192.168.1.51\raided.main.iso is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

    Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.

    When I configure the share as Public guest access it works both ways. Both of these machines are on the same network.

    What gives?

  • Hans Malherbe
    Hans Malherbe almost 15 years
    That's a good idea but for the fact that I integrated with AD for the easy maintenance. I can just as well maintain the roaming users in the local Openfiler LDAP server.
  • Arek
    Arek almost 15 years
    How many computers not connected to domain do you have? In my case it's minority of them, so it's ok to manage their logins and passwords by hand in AD. Also managing users and groups in Active Directory is simply more comfortable and powerful.
  • Hans Malherbe
    Hans Malherbe almost 15 years
    We're doing R&D on a domain completely isolated and secured from the company domain. Project members have their computers added to the company domain yet needs to access our private domain with separate credentials.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Samba 4 OpenLDAP authentication issue
Linux authentication via ADS -- allowing only specific groups in PAM
How to configure Samba to use Windows's login ID?
How to get user password expiration date from Active Directory?
C# / ASP.NET / AD - "The specified directory service attribute or value does not exist."
Authenticate Oracle Database with Active Directory Users
C# netcore ldap authentication using Novell.Directory.Ldap.NETStandard library
Accessing Samba Share with authentication, No Drive Mapping - C#
How to check AD user credentials when the user password is expired or "user must change password at next logon"
Auto Signin with Active Directory Account in c# ASP.Net Website