Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1607
  • Last Modified:

Mac OS X Panther Server Share in an Active Directory environment gives error

We have an XServe running Panther.  This server is a domain member of our Windows 2000 Active Directory.  I shared out a folder on the XServe and gave all of active directory users read/write permissions to it.  The problem is when an active directory user tries to connect to this share, they get an error "the account is not authorized to log in from this station".  I have enabled "send unecrypted password to connect to 3rd party SMB servers" on our domain security policy but it didn't fix this error.  I can login using any active directory user account on the XServe (physically go there) with no problems but can't go there over the network.  I can ping the XServe from any workstation.  NSlookup also works.  How do I fix this error?  
The work around we're doing right now is to use the "map network drive" and click on connect using a "different user name" then use the local admin user of the XServe.  We would like our users to be able to just connect to the XServe without having to remember 2 different user name and password.
0
jlenon15
Asked:
jlenon15
  • 4
  • 3
  • 3
1 Solution
 
gheistCommented:
I am not sure this is the case - but what happens when you add AD usernames as OSX users ???
0
 
jlenon15Author Commented:
In Workgroup Manager in the XServe, I was able to create a local group and added AD users in to that group without problems.  I assigned that group to the share I created for our AD users.  We are using our XServe mainly as a file server only.
0
 
gheistCommented:
I guess this is not so popular SAMBA, but samba is able to authenticate users against NT pdc. Maybe you can find such a option around.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jlenon15Author Commented:
We do not have any NT machines.  We are on native mode on our Windows 2000 AD.
0
 
gheistCommented:
AD is almost same PDC renamed...

I found german document on apple site which talked about LDAP plugin pointing to AD ...
0
 
jlenon15Author Commented:
The XServe is already authenticating through our AD Domain Controllers, like I said before I can login on the XServer machine using any of our AD user with no problems.
0
 
Alf666Commented:
Yes, I understand that. But, on XServer (OS X), the netbios protocol is handled by samba. And it's not because you are already authenticating properly on the unix side (locally), that the samba setup has been properly done.

In this article, you will find instructions on how to configure your samba to authenticate your users against the AD. And more specifically, how to add the samba server to your domain (as you would with any domain participating client). What makes me believe that your problem might be about this is the following message :
"the account is not authorized to log in from this station".

I assumed that, maybe, "this station" is the samba server itself. In the referred to article, beginning in point 3), you will find a way to join your server to the AD.

I might be completely wrong, but I "smell" something like this.
0
 
jlenon15Author Commented:
I'll read the article and give it a try tonight...Thanks!
0
 
Alf666Commented:
Hi,

Did you get a chance to have your config working ?
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now