Login dialog shows AD domain account login but wont accept password

[mbalsam]

When I attempt to login to freenas 11.1-U5 it loads the username/password dialog with the AD Domain Account as the username and not root. But when I enter the password it says. Please enter a correct Username and password.

The username is WITHOUT the Realm or WorkGroup.

I am able to login using root or other local accounts.

Im also seeing this in my debug.log. Not sure if its related

Code:

Jun 11 19:46:17 freenas uwsgi: [freeadmin.navtree:402] App freenasUI.documentation has no nav.py module, skipping
Jun 11 19:46:17 freenas uwsgi: [services.forms:1167] Failed to decrypt DDNS password
Traceback (most recent call last):
  File "./freenasUI/services/models.py", line 1165, in _decrypt_password
	self.ddns_password = notifier().pwenc_decrypt(self.ddns_password)
  File "./freenasUI/middleware/notifier.py", line 3862, in pwenc_decrypt
	encrypted = base64.b64decode(encrypted)
  File "/usr/local/lib/python3.6/base64.py", line 87, in b64decode
	return binascii.a2b_base64(s)
binascii.Error: Incorrect padding

 

[JohnL7]

I am not sure that domain accounts have the right level of access to be used for the portal, I thought those were just used for CIFS and Shares, etc.

 

[mbalsam]

I am not sure that domain accounts have the right level of access to be used for the portal, I thought those were just used for CIFS and Shares, etc.

The permissions were sufficient and this problem remains even now that everything else is working..

One thing to note, if you have moved users from the AD users container, it might confuse samba, I move the important users back to the main Users folder.

Also, if a user has been added to many AD groups, it's possible that the Domain Users group is no longer the Primary group in AD. There is a list and a button to make the Domain Users the primary group for an account.