Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: ReneLavand
ReneLavand Author
User level: Level 1
4 points

Authentication to Sharepoint on PC

I hope this question is not seen as inappropriate...



One colleague out of 30+ faces an authentication problem…


She has credentials for PC use provided by the organisation's IT department. Her desktop PC image includes a desktop icon linking to sharepoints on our our mac server, clicking on this brings up a request for Mac credentials, and these work allowing her to use files on X-serve.


Her Mac credentials allow her on desktop macs, authenticated by our x-serve.


There is a specific sharepoint hosted by the Organisation's server that requires authentication with PC credentials. When she is on the PC, this connection is validated at login and is readily available to her. When she is working on a Mac, and attempts to link to this share, her PC credentials for the sharepoint are not recognised…


If she is logged onto her mac and allows ME to access the PC sharepoint with MY PC credentials , I can connect.

Conversely, if I am on my Mac, and allow her on my Mac to access the Sharepoint, it fails with her credentials…


So basically if she tries to connect to this sharepoint from the Mac - no joy.


Any ideas?

Xserve, Mac OS X (10.6.8), client macminis, and MacPros

Posted on Jan 29, 2014 10:27 AM

Reply
6 replies
User profile for user: ReneLavand
ReneLavand Author
User level: Level 1
4 points

Jan 30, 2014 1:06 AM in response to MrHoffman

Thanks for your interest...


The Users PC Logon Credentials (which give her full access to ALL services the organisation offers while working from a PC), are the same Domain/Username and Password that she should use when attempting to hit the PC Sharepoint from a Mac - but this consistently fails...


Her Mac Username and Password are NOT the same as the Organisations PC login credentials. Mac Authentication is by our departmental Xserve.


I just can't see why her PC credentials work 100% on PC but fail to allow her access to the sharepoint, when 30 others working in same fashion can hit the share via PC or Mac?...

Reply
User profile for user: Antonio Rocco
Antonio Rocco
User level: Level 6
12,278 points

Jan 30, 2014 1:21 AM in response to ReneLavand

Sounds like this one user is not part of the group that's been given permission to access that share? To find out what AD groups she is a member of get her to login and launch Terminal. Key in the word 'id' without the quotes. You should see something like this:


uid=xxxx(username) gid=xxxx(agroup) groups=xxxx(anothergroup,xxxx(everyone


The output would be longer than the one above but should give you an idea? Make a note of the groups she's a member of. Compare this to the access permissions set on that share. But don't just stop there. Have a look further up the folder chain. There may be a policy that denies access to a folder or folders further up than the one she needs access to and she's not part of that policy. Which would explain why it works fine on a PC but not on the Mac.


Apart from password policy Macs are transparent to GPOs as you know.

Reply
User profile for user: ReneLavand
ReneLavand Author
User level: Level 1
4 points

Jan 30, 2014 1:42 AM in response to Antonio Rocco

Hi there,

Would that not just relate to the services and shares from our Xserve? rather than the organisation's servers and AD?


She is not available at present , but I used Terminal on MY mac with following results


uid=1033(renelavand) gid=20(staff) groups=20(staff),402(com.apple.sharepoint.group.1),1033(all_mis_staff),1026(man agers),80(admin),

1030(videoit),412(com.apple.sharepoint.group.11),217(com.apple.access_loginwindo w),

410(com.apple.sharepoint.group.9),1046(testgroup_2),403(com.apple.sharepoint.gro up.2),1032(support),

204(_developer),100(_lpoperator),98(_lpadmin),81(_appserveradm),79(_appserverusr ),62(netaccounts),

12(everyone),408(com.apple.sharepoint.group.6),406(com.apple.sharepoint.group.4) ,

404(com.apple.sharepoint.group.3),414(com.apple.sharepoint.group.12),409(com.app le.sharepoint.group.7),

401(com.apple.access_screensharing),407(com.apple.sharepoint.group.5),411(com.ap ple.sharepoint.group.8)

Reply
User profile for user: Antonio Rocco
Antonio Rocco
User level: Level 6
12,278 points

Jan 30, 2014 2:11 AM in response to ReneLavand

I'm confused? My response was to this statement:


"The user's PC Logon Credentials (which gives her full access to ALL services the organisation offers while working from a PC), are the same Domain/Username and Password that she should use when attempting to hit the PC Sharepoint from a Mac - but this consistently fails"


Is this not the case?


I'm also trying to understand your environment because the output you've posted indicates to me an OD user account (uid=1033) and groups (1030=videoit); (1046=testgroup_2); (1032=support). This account has also been made a local admin. I can't see anything that relates to an AD account? Can you confirm this a dual directory system? AD and OD side by side with the same user databases replicated in both directories?


Your first post said:


“There is a specific sharepoint hosted by the Organisation's server that requires authentication with PC credentials. When she is on the PC, this connection is validated at login and is readily available to her. When she is working on a Mac and attempts to link to this share her PC credentials for the sharepoint are not recognised”


Is the Organisation’s server the XServe or a Windows one?


I’ve re-read the statement and I’m beginning to think this may be a keychain issue? Her keychain is being referenced when she tries to access that share and the keychain contains the wrong credentials. Or it contains the right credentials but they’ve become mangled in some way? This can happen to keychains - bad concept from Apple IMO.


Try flushing out her keychains and see what happens. It’s a PITA especially if she’s got lots of passwords which she’d have to enter again.

Reply
User profile for user: ReneLavand
ReneLavand Author
User level: Level 1
4 points

Jan 30, 2014 2:41 AM in response to Antonio Rocco

Apologies for any confusion...


Independent Group of Mac users absorbed into greater organisation and issued AD Credentials for PC use (Mac OD logons remain in place ).


Terminal results for my ID

I am ladmin for Xserve, and member of the various Staff Groups


Organisation's servers are Windows


When logged onto PC, she has full access to Windows services and can connect to Mac Sharepoints by entering Mac Credentials when asked


She has full access to Mac services provided by Xserve BUT cannot connect to the one specific WINDOWS SHAREPOINT that we routinely access via Mac. Doubleclicks shortcut and is asked for Windows Domain\Username and Windows Password whch fails... same Domain\Username and Windows Password that fully authenticates when on the PC.


Crazy workaround is to work on mac, save files to Xserve. Log in to PC, access Mac sharepoint, drag files to Windows Sharepoint...


Will look at keychain, but suspect that she doesn't make use of this feature - we frown upon its use.


Thanks for your interest.

Reply

Authentication to Sharepoint on PC

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up