Author Topic: Active Directory External Users cannot Connect from Mac OS  (Read 1611 times)

steven_hunter

  • Calf
  • *
  • Posts: 1

We have a couple of TeraStation XE4.0TLs and one TeraStation XE8.0TL all of which have the same external authentication issue.

 

Both are in delegated authority mode for our Active Directory domain. Windows users are able to authenticate and connect without issue using an "external user" , but Mac users cannot.Mac users *can* use "local" accounts.

 

I have tested this with 10.5 through 10.8 and all behave the same. Here are the steps to duplicate our issue:

 

1. Setup NAS using the "Delegate Authority ot External SMB Server" option in WorkGroup/Domain

2. Workgroup name is set to the AD name.

3. Create new local user with same username as a user on the AD.

4. Convert said local user to external user.

5. Add external user to local group.

6. Create shared folder, grant Read/Write permissions to local group.

7. Create second shared folder with no access restrictions.

7. From Mac, press Command+K, useing smb://xxx.xxx.xxx.xxx/ (substituing the actual IP of course)

8. Authenticate with AD username and password. Access is allowed to the unrestricted share but NOT to shared folder belonging to the group.

9 Error displayed on Mac is "You do not have permission to access this server."

Note: Also tried directly assigning permissions external user rather than using a group; same results.

 

Two of the units are running firmware revision 1.59 and one is still running 1.57.

 

More information available upon request.

 

Thanks in advance!