?
Solved

Mac OS X Panther Server Share in an Active Directory environment gives error

Posted on 2004-03-22
10
Medium Priority
?
1,605 Views
Last Modified: 2013-12-23
We have an XServe running Panther.  This server is a domain member of our Windows 2000 Active Directory.  I shared out a folder on the XServe and gave all of active directory users read/write permissions to it.  The problem is when an active directory user tries to connect to this share, they get an error "the account is not authorized to log in from this station".  I have enabled "send unecrypted password to connect to 3rd party SMB servers" on our domain security policy but it didn't fix this error.  I can login using any active directory user account on the XServe (physically go there) with no problems but can't go there over the network.  I can ping the XServe from any workstation.  NSlookup also works.  How do I fix this error?  
The work around we're doing right now is to use the "map network drive" and click on connect using a "different user name" then use the local admin user of the XServe.  We would like our users to be able to just connect to the XServe without having to remember 2 different user name and password.
0
Comment
Question by:jlenon15
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
10 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 10652025
I am not sure this is the case - but what happens when you add AD usernames as OSX users ???
0
 

Author Comment

by:jlenon15
ID: 10652084
In Workgroup Manager in the XServe, I was able to create a local group and added AD users in to that group without problems.  I assigned that group to the share I created for our AD users.  We are using our XServe mainly as a file server only.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10652793
I guess this is not so popular SAMBA, but samba is able to authenticate users against NT pdc. Maybe you can find such a option around.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:jlenon15
ID: 10653155
We do not have any NT machines.  We are on native mode on our Windows 2000 AD.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10653514
AD is almost same PDC renamed...

I found german document on apple site which talked about LDAP plugin pointing to AD ...
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10658714
0
 

Author Comment

by:jlenon15
ID: 10658746
The XServe is already authenticating through our AD Domain Controllers, like I said before I can login on the XServer machine using any of our AD user with no problems.
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10659604
Yes, I understand that. But, on XServer (OS X), the netbios protocol is handled by samba. And it's not because you are already authenticating properly on the unix side (locally), that the samba setup has been properly done.

In this article, you will find instructions on how to configure your samba to authenticate your users against the AD. And more specifically, how to add the samba server to your domain (as you would with any domain participating client). What makes me believe that your problem might be about this is the following message :
"the account is not authorized to log in from this station".

I assumed that, maybe, "this station" is the samba server itself. In the referred to article, beginning in point 3), you will find a way to join your server to the AD.

I might be completely wrong, but I "smell" something like this.
0
 

Author Comment

by:jlenon15
ID: 10660212
I'll read the article and give it a try tonight...Thanks!
0
 
LVL 9

Accepted Solution

by:
Alf666 earned 1500 total points
ID: 10682077
Hi,

Did you get a chance to have your config working ?
0

Featured Post

Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question