Can't access to Windows SMB folder only from a single domain client

[m4biz]

Hi.
I've a Freenas server on my network that hosts two Windows shares SMB:

If I try to access it from any Windows 10 domain client in the same networtk , simply by putting \\freenas\dataset1 in the run as box , I can see and access all two windows shares without issue:

Anyway, from only one client I can't see Documenti Pubblici Uffici shared folder but only Docs folder.
The domain client, however, seems to works fine.
Any idea?
Thanks in advance.

 

[anodos]

Run command "id DOMAIN\\username" on CLI in FreeNAS. Then run command "getfacl /mnt/<remaining path components>" for the dir that is missing and the dir that is visible. Post output here.

 

[m4biz]

Run command "id DOMAIN\\username" on CLI in FreeNAS. Then run command "getfacl /mnt/<remaining path components>" for the dir that is missing and the dir that is visible. Post output here.

Hi anodos, thank for your reply.
This is the requested output:

 

[anodos]

Okay, and `id` output for the user (assuming it isn't "administrator")?

 

[m4biz]

Okay, and `id` output for the user (assuming it isn't "administrator")?

Hi anodos, sorry for delay.
I'm not shure that this is the right syntax for the command:

 

[anodos]

Hi anodos, sorry for delay.
I'm not shure that this is the right syntax for the command:
View attachment 51850

I meant for you to substitute the relevant domain and user name... e.g. `id LENTINI-UFFICI\\m4biz`

 

[m4biz]

Hi.
I've understood.
In the following output I've tried with two different domain users: a.chiacchio and administrators in the domain lentini-uffici.
I've the issue only with a.chiacchio account.
If i'm logged on the same domain computer with administrator account , I can access the Documenti Pubblici Uffici shared foleder whituout issue:

Any idea?

 

[anodos]

Which version of FreeNAS is this?

 

[m4biz]

Which version of FreeNAS is this?

 

[anodos]

Hmm... if this isn't for home-use then you should immediately plan to upgrade the server. Any version prior to 12.0-U6 has critical CVE in winbindd (component that handles AD domain join). 11.3 is EOL.

Generally speaking, I believe there was an issue with winbindd, caching, and unix token generation in old versions of TrueNAS, but details currently elude me. you can try stopping the winbindd process, removing /var/db/system/samba4/winbindd_cache.tdb and winbindd_idmap.tdb, clearing gencache `net cache flush`, then restarting winbindd... but you really need to update.

 

[m4biz]

Hmm... if this isn't for home-use then you should immediately plan to upgrade the server. Any version prior to 12.0-U6 has critical CVE in winbindd (component that handles AD domain join). 11.3 is EOL.

Generally speaking, I believe there was an issue with winbindd, caching, and unix token generation in old versions of TrueNAS, but details currently elude me. you can try stopping the winbindd process, removing /var/db/system/samba4/winbindd_cache.tdb and winbindd_idmap.tdb, clearing gencache `net cache flush`, then restarting winbindd... but you really need to update.

Ok. I'll try. Thanks