Login to freenas without using computers domain

wolfslab

Cadet
Joined
Apr 22, 2019
Messages
7
I'm setting up a freenas server for my film department in my school and its all configured, but the school computers use AD logins and when I try to login to the server through file explorer, it tries to use our schools domain. I can manually type in a domain I want to login with, but all of the combinations of domains I could think of don't work. I've tried "freenas\" "freenas.local\" "local\" "\". None of them seem to work. I can use FileZilla and login to it with the same login through that. And I doubt the IT department would be willing to sign in to the freenas AD for me so we can use any account. I already created a user on the server that we could use and it has full permission to use it. I'm using the latest build with the new GUI. Would I be able to change the freenas domain to a different one and login to it that way, or is there a way around it without connecting it to the AD server?
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,544
First check to see if the users actually exist in the FreeNAS server's passdb.tdb file. pdbedit -L. If they do, then you should be able to authenticate using the netbios name of the server followed by your username netbiosname\username. You can see the local domain name of the server by running the command wbinfo -m. If you want to make authentication for local users work without the domain prefix you can enable support for 'trusted domains' under Directory Services->Active Directory.
 

wolfslab

Cadet
Joined
Apr 22, 2019
Messages
7
First check to see if the users actually exist in the FreeNAS server's passdb.tdb file. pdbedit -L. If they do, then you should be able to authenticate using the netbios name of the server followed by your username netbiosname\username. You can see the local domain name of the server by running the command wbinfo -m. If you want to make authentication for local users work without the domain prefix you can enable support for 'trusted domains' under Directory Services->Active Directory.
I try to do this with the correct netbios name, but it says "login failure". The account is an actual account.
 

wolfslab

Cadet
Joined
Apr 22, 2019
Messages
7
To clarify: you see the account listed in your pdbedit -L output?
I can take some of the computers that will access it off of the AD server so its no longer on the domain, but I would like to be able to access it from any computer that I didn't take off the AD server.
 

Thund3rDuck

Explorer
Joined
Aug 24, 2013
Messages
64
Good evening, I think there is some confusion here. Is the FreeNAS device actually domain joined or is it independent on a workgroup with local users? If this is the case, use the name of the FreeNAS device, a back slash, and then the user you want to log in with (i.e. mynas\user) then the password.

The other option would be to log-in with the ip address, then backslash, then the user (i.e. 192.168.1.250\user) then the password.
 

wolfslab

Cadet
Joined
Apr 22, 2019
Messages
7
Good evening, I think there is some confusion here. Is the FreeNAS device actually domain joined or is it independent on a workgroup with local users? If this is the case, use the name of the FreeNAS device, a back slash, and then the user you want to log in with (i.e. mynas\user) then the password.

The other option would be to log-in with the IP address, then backslash, then the user (i.e. 192.168.1.250\user) then the password.
It was not joined to the AD. I tried with the IP\user and it did not work. I can access it from any other computer that is not on the schools AD.
 

Thund3rDuck

Explorer
Joined
Aug 24, 2013
Messages
64
It was not joined to the AD. I tried with the IP\user and it did not work. I can access it from any other computer that is not on the schools AD.

Are you using proper case with the username? Can you log in with root? Open command line and do a net use /del * to remove all network drives, reboot the pc, and then try again.
 

wolfslab

Cadet
Joined
Apr 22, 2019
Messages
7
Are you using proper case with the username? Can you log in with root? Open command line and do a net use /del * to remove all network drives, reboot the pc, and then try again.
This login works on any computer that isn't connected to the schools AD (aka a school computer). I can login with the user I created on my own personal mac, and other peoples macs and PCs that is their own, not the schools. When I try it on a school computer, no matter what domain I put in for the "domain\user", it just says incorrect user or pass.
 

William Bravin

Contributor
Joined
Mar 16, 2016
Messages
195
hello all,

i may have screwed up. my nas is connected to s switch along with a laptop. they are all connected to the router via powerlines. MY Htpc is connected to the router. in addition to a standard root user i have created a secondary user "wbravin" with a password. In each computers my media folders are mapped and freenas shows under network in win 10., My laptop can access my Freenas no issues or problems. The mapped drives are accessible and under networks i see the folders in my nas.

on my htpc when i go to access the share drive i get a request for user authentication. i enter my password and it refuses to grant me access i get a specified network password is incorrect . Under networks i see the freenas server but when i click on it i get a blank page. please help
 
Last edited:

pro lamer

Guru
Joined
Feb 16, 2018
Messages
626
hello all,

i may have screwed up. my nas is connected to s switch along with a laptop. they are all connected to the router via powerlines. MY Htpc is connected to the router. in addition to a standard root user i have created a secondary user "wbravin" with a password. In each computers my media folders are mapped and freenas shows under network in win 10., My laptop can access my Freenas no issues or problems. The mapped drives are accessible and under networks i see the folders in my nas.

on my htpc when i go to access the share drive i get a request for user authentication. i enter my password and it refuses to grant me access i get a specified network password is incorrect . Under networks i see the freenas server but when i click on it i get a blank page. please help
I'd suggest a separate thread...

Sent from my phone
 

Thund3rDuck

Explorer
Joined
Aug 24, 2013
Messages
64
This login works on any computer that isn't connected to the schools AD (aka a school computer). I can login with the user I created on my own personal mac, and other peoples macs and PCs that is their own, not the schools. When I try it on a school computer, no matter what domain I put in for the "domain\user", it just says incorrect user or pass.

I was re-reading your posts and had a thought. These school computers, are they all windows based? If so, I wonder if there is a group policy in place blocking your connection to another "fileserver." I would run RSOP (Resultant Set of Policy) to see what policies are in place.

Another thing to try would be to use a mac that is AD joined and see if you can access it there. Unless they are using a device management tool like jampf or otherwise, no GPO's can apply to the Mac's.

Another thing to try would be to enable guest access on the share (in FreeNAS) and see what you can do.
 

ErikB

Cadet
Joined
Mar 26, 2020
Messages
2
I was re-reading your posts and had a thought. These school computers, are they all windows based? If so, I wonder if there is a group policy in place blocking your connection to another "fileserver." I would run RSOP (Resultant Set of Policy) to see what policies are in place.

Another thing to try would be to use a mac that is AD joined and see if you can access it there. Unless they are using a device management tool like jampf or otherwise, no GPO's can apply to the Mac's.

Another thing to try would be to enable guest access on the share (in FreeNAS) and see what you can do.


I had exactly the same problem and this is it!
When running 'rsop' via cmd command => in the Resultant Set of Policy, go to:
- Windows Settings => Security Settings => Local Policies => Security Options.
There the 'Network security: LAN Manager authentication level' was set to 'Send NTLM response only'.

You can configure this on your Freenas via Services, SMB, edit options and set the 'NTLMv1 auth'.
this is not recommended by Freenas.
(so in my cases I will ask the system administrator to change this, since it is an outdated insecure protocol (if I understand Google))


When the above is set you can access, without using the AD of the network, by using 'freenas\username' and 'password' as the login details.
 

pcos

Cadet
Joined
Jan 24, 2021
Messages
1
I had exactly the same problem and this is it!
When running 'rsop' via cmd command => in the Resultant Set of Policy, go to:
- Windows Settings => Security Settings => Local Policies => Security Options.
There the 'Network security: LAN Manager authentication level' was set to 'Send NTLM response only'.

You can configure this on your Freenas via Services, SMB, edit options and set the 'NTLMv1 auth'.
this is not recommended by Freenas.
(so in my cases I will ask the system administrator to change this, since it is an outdated insecure protocol (if I understand Google))


When the above is set you can access, without using the AD of the network, by using 'freenas\username' and 'password' as the login details.

This works! I created a policy in as to allow V2 only and this fixed the issue.
 
Top