Hi everybody,
I've been trying to solve the issue by myself, but nothing I tried helped and I'm getting quite desperate.
I work in a company that has recently acquired a new TS-670 Pro. I manage a small subnet with a linux server running ClearOS v6.5.0. This server acts mainly as the directory server, DHCP, DNS (and a couple more).
What I need is to connect the NAS to the LDAP service, so it can act as a file server. If everything fails, I'll do it using the iSCSI, but for now, I'd like to make it work using the LDAP protocol, so I could use various services offered by the NAS itself.
I set the server up to offer "LDAPS" (LDAP+SSL), then I set the NAS to connect to it and everything seemed to work fine: I was able to list both domain users and domain groups using the NAS interface and even assign them to the shares.
Problems start when I try to connect to the NAS using the domain accounts:
- I'm completely unable to connect using SMB and FTP (I've tried various accounts and multiple forms of logins - LOGIN, DOMAIN\LOGIN, DOMAIN+LOGIN, nothing ever worked)
- I'm able to connect with SOME accounts using the File Manager, but I was unable to find the reason, why some accounts work and some don't (these accounts work with a simple "LOGIN" - without the DOMAIN)
Note: All services are running and I can connect to FTP and File Manager using the local accouns (SMB should only work with LDAP accounts according to the settings). Connecting with SMB+FTP tells me my login/password is wrong, connecting using File Manager tells me "Authentication Failure" and I get a security related message telling me: "[Security mode] Failed to connect to the LDAP Server: wrong login or password."
There also seems to be a secondary problem: the NAS is able to properly list all domain users and groups, but it is unable to tell, which users are part of what groups.
I've found a thread which said, that the solution to the second problem should be the following:
- add 2 lines in the nss_ldap.conf:
I've been trying to solve the issue by myself, but nothing I tried helped and I'm getting quite desperate.
I work in a company that has recently acquired a new TS-670 Pro. I manage a small subnet with a linux server running ClearOS v6.5.0. This server acts mainly as the directory server, DHCP, DNS (and a couple more).
What I need is to connect the NAS to the LDAP service, so it can act as a file server. If everything fails, I'll do it using the iSCSI, but for now, I'd like to make it work using the LDAP protocol, so I could use various services offered by the NAS itself.
I set the server up to offer "LDAPS" (LDAP+SSL), then I set the NAS to connect to it and everything seemed to work fine: I was able to list both domain users and domain groups using the NAS interface and even assign them to the shares.
Problems start when I try to connect to the NAS using the domain accounts:
- I'm completely unable to connect using SMB and FTP (I've tried various accounts and multiple forms of logins - LOGIN, DOMAIN\LOGIN, DOMAIN+LOGIN, nothing ever worked)
- I'm able to connect with SOME accounts using the File Manager, but I was unable to find the reason, why some accounts work and some don't (these accounts work with a simple "LOGIN" - without the DOMAIN)
Note: All services are running and I can connect to FTP and File Manager using the local accouns (SMB should only work with LDAP accounts according to the settings). Connecting with SMB+FTP tells me my login/password is wrong, connecting using File Manager tells me "Authentication Failure" and I get a security related message telling me: "[Security mode] Failed to connect to the LDAP Server: wrong login or password."
There also seems to be a secondary problem: the NAS is able to properly list all domain users and groups, but it is unable to tell, which users are part of what groups.
I've found a thread which said, that the solution to the second problem should be the following:
- add 2 lines in the nss_ldap.conf:
Share this post:
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »