Logs or records of logins?

jboyce

Dabbler
Joined
Dec 21, 2016
Messages
16
I am trying to troubleshoot the setup of a new Win11 box that will connect to our server remotely via a VPN. When I try to map a network drive in Windows it responds that my network password is incorrect. However, I can open a Putty or WinSCP connection using the same login credentials and connect to the server, so I know my password is correct. I suspect that the Win11 box is not actually authenticating against the server, but is rejecting it within Windows. I can't check to see if the authentication is being passed on to the server from the Windows box using Wireshark because it is connected using an encrypted VPN. The VPN is on our gateway device (not the server) and the server is accessible behind the gateway device. I am wondering if there is a simple way to see whether the login credentials being sent from the Windows box are actually received and rejected at the server. Thanks.
 

artlessknave

Wizard
Joined
Oct 29, 2016
Messages
1,506
Note that Windows 11 wants to use Microsoft accounts, and those authenticate differently.
 

jboyce

I guess I should have added one additional clarification on the Win11 box. It only has a local account created when I set it up. It does not have an MS account.
 

artlessknave

/var/log/messages might hold the login denied logs. Not sure. You can enable the footer in settings. Advanced, I think. This will show about 5 lines of /var/log/messages live.
 

jboyce

I have had the footer enabled for /var/log/messages but have not seen anything related to authentication attempts. Thanks for your assistance, I will go back to pursuing the MS side of the issue.
 

artlessknave

Have you tried to replicate the setup but without the VPN? Does auth work with Windows at all? Middleman things like a VPN add extra variables; you need to try and eliminate them.
 

jboyce

I have not tried to remove the VPN from the equation yet. I need to physically go to the office in order to test that option, but it is a test that I was planning on doing in a couple of days. Otherwise the Win11 box appears to authenticate ok in every other way that I have tested it. Just can't map the remote network drive.
 
Joined
Jun 15, 2022
Messages
674
This can be kind of an issue in later versions of Windows 10 and Windows 11. You might try these one at a time until things start working, though do note there are side-effects (details), so keep notes, export things first where possible, etc.
  1. Try the username and password for your Microsoft account instead of your local account for your Windows computer.
  2. Try using the remote Computer Name and Account Name as the Username. If the remote computer is RC7 and the account name on that computer is JBoyce, you can input the username as RC7JBoyce (without spaces) and then input your password. (Also try: RC7J\Boyce, RC7:JBoyce)
  3. Clear all credentials from Credential Manager
  4. Disable Credential Manager Service automatic Startup
  5. Turn off password-protected sharing
  6. Modify Local Security Policy
  7. Add the credentials in Credentials Manager
  8. Set IP address to automatic
  9. Change Network Profile to Private
 

jboyce

I tried most of these options prior to my original post. The short answer to each is below.
1. The username and password for the MS account doesn't work because it doesn't match any username on the TrueNAS samba server.
2. None of these combinations work either for the same reason as #1.
3. When I first found this option a few days ago, I thought it was the golden ticket. But editing the password in the Credential Manager, or deleting it and letting the system recreate it, did nothing and I still had the same error.
4. This had the same result as #3.
5. This wouldn't work, as my TrueNAS accounts require username and password authentication. Also MS has been putting more restrictions on Guest account authentication, which I believe this would be treated like on the Windows side.
6. Not sure what specific modification you might be referring to here, but I have followed up on numerous changes to Group and Local security policy that I have found suggested, to no effect.
7. Tried with #3 and #4 above with no effect.
8. Not sure I understand how this would affect authentication, but the Win11 laptop already is set to auto DHCP.
9. Network profile was originally established as private when the laptop was set up, so this has no effect.

Thanks for the assistance though. I am beginning to believe more and more that the origin of the issue is with Windows 11 and not TrueNAS, but am open to other suggestions.

Jeff
 

jboyce

Ok, I am going to continue this thread, as I was able to answer the original question that I had here, and from that I am able to get closer to my root issue.

I found the log file I was looking for at /var/log/samba4/auth_audit.log via logging in through WinSCP. This file shows me that Windows was getting an authentication result of "status": "NT_STATUS_NO_SUCH_USER" for the user “mackenziek”

Since log files don’t lie, the next step was to determine why my system thought there was no such user, when I was able to log in to the system via both Putty and WinSCP as the user mackenziek. So, the issue must be strictly a Samba issue.

Using the web interface it shows I have 10 users. Via the command line it shows the same 10 users, which includes “mackenziek”.

root@condor[~]# pw usershow -P -a | grep "Group: allstaff"
Login Name: jeffb #1000 Group: allstaff #1000
Login Name: georgeg #1001 Group: allstaff #1000
Login Name: robynr #1002 Group: allstaff #1000
Login Name: jasons #1003 Group: allstaff #1000
Login Name: mikeb #1004 Group: allstaff #1000
Login Name: juliap #1005 Group: allstaff #1000
Login Name: danw #1006 Group: allstaff #1000
Login Name: jeannieh #1007 Group: allstaff #1000
Login Name: markl #1008 Group: allstaff #1000
Login Name: mackenziek #1009 Group: allstaff #1000

Comparing the user settings on the web interface I can see no differences in how the mackenzie user is set up compared to other users.

So then I looked at the contents of the file /etc/local/smbusername.map (listed below) and it shows that the user mackenziek is listed.

# SMB.CONF(5) The configuration file for the Samba suite
#
jeffb = boyce@example.com
georgeg = gilmour@example.com
robynr = rice@example.com
jasons = shappart@example.com
mikeb = bonoff@example.com
juliap = pulsifer@example.com
danw = warren@example.com
jeannieh = heltzel@example.com
markl = lariviere@example.com
mackenziek = kelly@example.com

Then looking at the list of Samba users from the command line I get the following. Which shows me why I am unable to authenticate and map a network drive from the Win11 box. Samba for some reason has no knowledge of the user mackenziek.

root@condor[~]# pdbedit -L
mikeb:1004:Mike Bonoff
juliap:1005:Julia Pulsifer
danw:1006:Dan Warren
jeannieh:1007:Jeannie Heltzel
jeffb:1000:Jeff Boyce
markl:1008:Mark LaRiviere
georgeg:1001:George Gilmour
robynr:1002:Robyn Rice
jasons:1003:Jason Shappart

So now my question is, why did mackenziek not get into Samba’s user list when it was created, and how do I get it in there now?
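
The check described in the post above (read the failed logons out of /var/log/samba4/auth_audit.log, then compare the accounts against `pdbedit -L`) can be scripted. This is an added example, not code from the thread or from TrueNAS; the sample log lines are constructed, and the function names and the lowercase comparison of account names are assumptions.

```python
import json
from collections import Counter

# Constructed sample input. Field names follow Samba's JSON authentication
# audit records; the syslog-style prefix and all values are made up.
SAMPLE_AUDIT = """\
Mar  3 09:14:02 condor smbd[2211]: {"type": "Authentication", "Authentication": {"status": "NT_STATUS_NO_SUCH_USER", "remoteAddress": "ipv4:10.8.0.6:51514", "clientAccount": "mackenziek"}}
Mar  3 09:14:09 condor smbd[2211]: {"type": "Authentication", "Authentication": {"status": "NT_STATUS_NO_SUCH_USER", "remoteAddress": "ipv4:10.8.0.6:51520", "clientAccount": "MackenzieK"}}
Mar  3 09:20:41 condor smbd[2230]: {"type": "Authentication", "Authentication": {"status": "NT_STATUS_OK", "remoteAddress": "ipv4:10.8.0.7:49822", "clientAccount": "jeffb"}}
Mar  3 09:31:17 condor smbd[2244]: {"type": "Authentication", "Authentication": {"status": "NT_STATUS_WRONG_PASSWORD", "remoteAddress": "ipv4:10.8.0.7:49901", "clientAccount": "jeffb"}}
Mar  3 09:31:18 condor smbd[2244]: {"type": "Authentication", "Authentic
"""
# Three lines in the format of the `pdbedit -L` output quoted in the post.
SAMPLE_PDBEDIT = "jeffb:1000:Jeff Boyce\nmarkl:1008:Mark LaRiviere\njasons:1003:Jason Shappart\n"


def parse_audit(text):
    """Yield the Authentication object from every line that carries one."""
    for line in text.splitlines():
        start = line.find("{")            # skip any prefix before the JSON
        if start < 0:
            continue
        try:
            rec = json.loads(line[start:])
        except json.JSONDecodeError:      # truncated or non-JSON line
            continue
        if rec.get("type") == "Authentication":
            yield rec.get("Authentication", {})


def passdb_users(pdbedit_output):
    """Usernames from `pdbedit -L` lines of the form name:uid:full name."""
    return {l.split(":", 1)[0].lower() for l in pdbedit_output.splitlines() if ":" in l}


def failed_logins(audit_text, known_users):
    """Return (account, status, count, missing_from_passdb) per failed logon."""
    counts = Counter()
    for auth in parse_audit(audit_text):
        status = auth.get("status")
        if status != "NT_STATUS_OK":
            # Assumption: account names are compared case-insensitively.
            counts[((auth.get("clientAccount") or "").lower(), status)] += 1
    return [(a, s, n, a not in known_users) for (a, s), n in sorted(counts.items())]


if __name__ == "__main__":
    for row in failed_logins(SAMPLE_AUDIT, passdb_users(SAMPLE_PDBEDIT)):
        print(row)
```

A failed account flagged as missing from the passdb points at the server-side user database rather than at the client's password, which is the distinction the thread was trying to establish.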
 