Before posting, and to avoid disappointment, please read the following:

  • This forum is not for 2BrightSparks to provide technical support. It's primarily for users to help other users. Do not expect 2BrightSparks to answer any question posted to this forum.
  • If you find a bug in any of our software, please submit a support ticket. It does not matter if you are using our freeware, a beta version or you haven't yet purchased the software. We want to know about any and all bugs so we can fix them as soon as possible. We usually need more information and details from you to reproduce bugs and that is better done via a support ticket and not this forum.

Binding source with AD user

For technical support visit https://support.2brightsparks.com/
Post Reply
Plavi269
Newbie
Newbie
Posts: 3
Joined: Thu Aug 04, 2016 12:01 pm

Binding source with AD user

Post by Plavi269 »

First, hi to all of you...

Second, let's get to it. I don't know if this is even possible, but I have to ask. I'm doing backup on NAS and on that NAS I'm creating folders for particular AD users. I want to limit user quota for his own folder. But here's the problem with one of the scenarios...

User A has folder on NAS called Backup A. 1 GB of data from his laptop is copied to his folder. But when I get to option User quota on NAS for user A it says it is currently used 0 GB by him. And those 1 GB it is used by me, Admin. So here's what I think is going on...

SyncBack is installed on IT server, and I log on it as me (Admin). So when SyncBack is copying it assumes that I am the one who is doing the copy, even though it is copying from User A laptop to his fodler on NAS, and therefore increasing mine (Admin) user quota and not user's A. And now the main thing - is there a way to "tell" SyncBack that when it is copying from User A laptop to do it with his credentials so that NAS would recognize that User A is doing the copy and not me?

Thanks in advance for any help.
cliffhanger
Expert
Expert
Posts: 606
Joined: Tue May 31, 2011 5:59 pm

Re: Binding source with AD user

Post by cliffhanger »

My guess is this all hinges on which credentials ('supplied' or 'implied' * ) are being used to connect to the NAS at the start of the run of any given profile (I assume you have a set of profiles, each specific to one user). I would imagine the NAS is basing its decisions about which quota to decrement on the account name being used to effect the server > NAS connection on that occasion.

Unfortunately, you haven't mentioned how/if the profile(s) are configured in this respect. I'm referring to settings on

Modify -> Expert -> Network -> Destination section and
Modify -> Expert -> Network -> Advanced

I strongly recommend also that you read the contextual Help (press F1) on both of these pages, possibly more than once, maybe making notes. There are many permutations...


* by 'supplied', I mean the optional alternate credentials you can configure the profile to pass to the NAS to effect a connection (I would imagine these should be the credentials of that user's account on the NAS) - whereas by 'implied' I mean the credentials used if no alternate credentials are supplied, i.e. when the profile will try to connect using the 'current' Windows credentials (of the account that is running SE > the profile, i.e. you)
Plavi269
Newbie
Newbie
Posts: 3
Joined: Thu Aug 04, 2016 12:01 pm

Re: Binding source with AD user

Post by Plavi269 »

Profiles haven't been configured in network section. Then I tried with destination settings only (domain\username), then added source also but without result. Even if I check in advanced settings "Use this username before trying..." the result is still the same. I don't if it's any help but when I click on Test Connection button message says "A test cannot be performed as you are already connected to network path".

And yes, as you said NAS is probably basing its decisions who is connected to server rather than settings in SE. When I log on as User A on server and try to copy his files to NAS folder, of course his quota is decrementing. But that is not the solution, cause I have hundreds of users and I cannot grant every one of them access to server.

Users don't have account on NAS (Thecus N5550). I log on it through Web app and create nothing but folders with their names, so I'm guessing it is "implied" credentials NAS is using as primary.

I really think there is solution, but I just don't know how to bypass Windows/Server credentials and use specific users account credentials for his profile. Network settings are not working or maybe I'm doing something else wrong...
cliffhanger
Expert
Expert
Posts: 606
Joined: Tue May 31, 2011 5:59 pm

Re: Binding source with AD user

Post by cliffhanger »

Did you try setting the option 'Do not try my current username and password' on the Advanced page (In conjunction with 'Use this user name...', and supplying the alternate credentials)? You may get an error (and run Failure) if you do, but if so, the error message (in the log) may be enlightening.

TBH, it sounds like there is a network connection to the NAS open already (using your account), thus the Test result you mentioned. I do know that Windows doesn't let you create multiple connections to the same resource from the same client simultaneously, which may (inadvertently) be what you are trying to do...

http://support.2brightsparks.com/knowle ... d-resource

The wording of that MS KB & error message it quotes is a little confusing, but I gather anecdotal evidence suggests it actually boils down to "Multiple connections to a server or shared resource by the same [client machine], using more than one user name, are not allowed"
cliffhanger
Expert
Expert
Posts: 606
Joined: Tue May 31, 2011 5:59 pm

Re: Binding source with AD user

Post by cliffhanger »

PS: as mentioned in the Help on the Network page, this may also be a factor...
...Windows caches connection information and so may use valid cached credentials instead
Plavi269
Newbie
Newbie
Posts: 3
Joined: Thu Aug 04, 2016 12:01 pm

Re: Binding source with AD user

Post by Plavi269 »

Sorry for late response, I had other issues...

There is no option "Do not try my current username and password" at least not in version I'm using (5.1.1.0). There is "Do not disconnect from network after profile has run"...

Regarding already open connection to NAS... Open from where? From IT server? How should server know if it's open connection particularly to NAS? If it's not server, but SE, only field where I'm telling it where to copy files is destination field. And who is copying should be overwritten in Advanced page, but it is not because of Windows and multiple connections as you mentioned. So what is the point of the Advanced page and its settings if it's not working? :)
cliffhanger
Expert
Expert
Posts: 606
Joined: Tue May 31, 2011 5:59 pm

Re: Binding source with AD user

Post by cliffhanger »

Network (and > Advanced) settings pages (and the underlying code) have gone though numerous changes since 5.1.1.0 - which has been out of date since November 2008...

Version 5 and 6 are no longer supported by 2BS, and they generally require V7 users with issues to update for free to latest V7 release as a matter of course (if they haven't done so already). I tend to agree with them.

As the section of (V7) Help I quoted mentions, Windows 'clients' (in the sense of 'the machine trying to initiate the connection', thus including when a Server tries to connect to some other resource) have a habit of caching recent successfully-used credentials, and re-using them silently (ignoring the alternate credentials being supplied). Nothing I can do but point that out.
Post Reply