Mac problem, 10.4.11 mounting SMB shares with AD accounts
11 June 2008, 09:30 AM
#1
Scooby Regular
Thread Starter
Join Date: Apr 2004
Location: Cardiff
Posts: 1,928
Likes: 0
Received 0 Likes
on
0 Posts
Mac problem, 10.4.11 mounting SMB shares with AD accounts
Hi all,
Bit of an arsey problem here. My lab macs are running 10.4.11 fully patched etc. They are bound to AD and students log in with their Active Directory user accounts. when the students log in their network space stored on a server should auto mount on the desktop. The student space would have the path
\\server\students\%username%
this entry is on their Active Directory account and auto mapps on PC's
The windows server is Windows Storage Center 2003 R2, this maps to a 5 TB SAN.
When the mac user logs in, the server space path does not mount. If you try to map manually to it via IP address or FQDN it brings up the error message
The finder cannot complete the operation because some data in smb://xxx.xxx.203.66 could not be read or written.
(error code -36)
Searching on the Mac site I found the following below
Mac OS X 10.4: Error -36 alert displays when connecting to a Windows server
However this did not fix the problem. However the odd part. If you map to the server as a local account on the Mac and authenticate as a domain account.....it does work
To rule out permissions I try to connect with my username and password (domain admin) and this also doesn't work, logged into the mac as myself
Also using Leopard, it also works as local accounts and domain acccounts.
On our new campus where the Macs are we have a VMWare cluster running several 2k3 servers and the Macs can connect to these with no problems at all. It's only this particular server that they cannot connect to. Of course solutions would be move the data to another server..... or upgrade clients to 10.5 however I very much doubt either of these are feasible at present
Any ideas or suggestions all?
Bit of an arsey problem here. My lab macs are running 10.4.11 fully patched etc. They are bound to AD and students log in with their Active Directory user accounts. when the students log in their network space stored on a server should auto mount on the desktop. The student space would have the path
\\server\students\%username%
this entry is on their Active Directory account and auto mapps on PC's
The windows server is Windows Storage Center 2003 R2, this maps to a 5 TB SAN.
When the mac user logs in, the server space path does not mount. If you try to map manually to it via IP address or FQDN it brings up the error message
The finder cannot complete the operation because some data in smb://xxx.xxx.203.66 could not be read or written.
(error code -36)
Searching on the Mac site I found the following below
Mac OS X 10.4: Error -36 alert displays when connecting to a Windows server
However this did not fix the problem. However the odd part. If you map to the server as a local account on the Mac and authenticate as a domain account.....it does work
To rule out permissions I try to connect with my username and password (domain admin) and this also doesn't work, logged into the mac as myself
Also using Leopard, it also works as local accounts and domain acccounts.
On our new campus where the Macs are we have a VMWare cluster running several 2k3 servers and the Macs can connect to these with no problems at all. It's only this particular server that they cannot connect to. Of course solutions would be move the data to another server..... or upgrade clients to 10.5 however I very much doubt either of these are feasible at present
Any ideas or suggestions all?
Last edited by mike1210; 30 July 2008 at 02:28 PM.
11 June 2008, 12:59 PM
#2
Scooby Regular
Join Date: Mar 1999
Location: The Great White North
Posts: 25,080
Likes: 0
Received 0 Likes
on
0 Posts
Ok, here's a few thoughts. Firstly, have a look at this. It's Mike Bombich's guide on integration with AD, it's possible you may need to edit some of the settings on the 10.4.11 client to get it to mount the share correctly.
** edit ** That link is for the Leopard version. I've got a winter 2006 Tiger edition which might be better, shout if you want it. It's also worth searching Bombich's forums too.
There is also something else, which I have seen myself. I did have problems trying to get my clients to connect to my 2000 / 2003 server via SMB, I cannot recall the exact error, but I'm pretty sure it was -36. The solution was as follows:
1. From Administrative Tools open Domain Controller Security Policy
2. Smile
3. Select \Security Settings\Local Policies\Security Options folder.
4. In the details pane, double-click Microsoft network server: Digitally sign communications (always), and then click Disabled to prevent SMB packet signing from being required.
5. Click OK.
6. In the details pane, double-click Domain member: Digitally encrypt or sign secure channel data (always), and then click Disabled to prevent secure channel signing from being required.
7. Click OK.
** edit ** That link is for the Leopard version. I've got a winter 2006 Tiger edition which might be better, shout if you want it. It's also worth searching Bombich's forums too.
There is also something else, which I have seen myself. I did have problems trying to get my clients to connect to my 2000 / 2003 server via SMB, I cannot recall the exact error, but I'm pretty sure it was -36. The solution was as follows:
1. From Administrative Tools open Domain Controller Security Policy
2. Smile
3. Select \Security Settings\Local Policies\Security Options folder.
4. In the details pane, double-click Microsoft network server: Digitally sign communications (always), and then click Disabled to prevent SMB packet signing from being required.
5. Click OK.
6. In the details pane, double-click Domain member: Digitally encrypt or sign secure channel data (always), and then click Disabled to prevent secure channel signing from being required.
7. Click OK.
Thread
Thread Starter
Forum
Replies
Last Post
supshon
General Technical
2
03 October 2015 08:06 PM
MightyArsenal
Wheels, Tyres & Brakes
6
25 September 2015 08:31 PM
