Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Connecting to 10.7 Server via SMB & active directory

I think I've hit the trifecta of stuff that doesn't work. I've read quite a bit about getting SMB working properly on 10.7 but in the threads I've read, people are using Open Directory or local accounts and that doesn't apply to me. A little about my setup: I am running a 10.7.3 Lion Server bound to Active Directory. There are only several local admin users on the machine; everyone else authenticates against AD. AFP connections work fine, using both local and AD accounts. SMB connections work fine if you use a local account but any AD account is rejected as having the wrong password when connecting via SMB. I've tried using the ad\username trick (our AD server is named "ad") even though you're not supposed to need that with 10.7.2 and above... it doesn't help.


I have tried both a Windows 7 client and a 10.6 client, specifying SMB as the protocol in the Connect To Server dialog. Both fail, and they also take several minutes before reporting the bad password (the slowness in responding is yet another problem I've read as being an issue). Checking the kdc.log file on the server I see:


2012-02-09T09:54:22 digest-request netr: failed user=AD\\dlennie DC status code c000006d

2012-02-09T09:54:22 digest-request: netr failed with -1073741715 proto=ntlmv2

2012-02-09T09:54:22 digest-request: od failed with 2 proto=ntlmv2

2012-02-09T09:54:22 digest-request: user=AD\\dlennie

2012-02-09T09:54:22 digest-request: kdc failed with 36150275 proto=unknown

2012-02-09T09:54:22 digest-request: guest failed with 22 proto=ntlmv2


I am using the full DNS name for the server, and on my test clients there are no firewalls or other network issues that would prevent connection to the server.


Anyone have the magic bullet that cures all of this? We're mostly Macs here but the Windows users become a rather vocal group when something doesn't go their way. The confusing part to me is that AFP authenticates just fine and SMB doesn't.

Mac Pro, Mac OS X (10.7.3), OSX Lion Server

Posted on Feb 9, 2012 8:47 AM

Reply
4 replies

Sep 12, 2013 4:58 PM in response to wdln

Does anyone have a permanent solution for this? I've seen the same issue with my 10.8.4 server. It seems to operate normally for a period and then degrades into this state. Similarly, the macs have no issues but our Windows users are becoming understandably frustrated with the random connection issues.

Connecting to 10.7 Server via SMB & active directory

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.