In home or small business networks without a domain controller, to seamlessly stitch client systems to a FreeNAS server, the username and password that is created on FreeNAS has to match that of the client system. This was easy enough to accomplish for Windows 7 and earlier systems. However, Windows 8 and higher initially broke the interface with FreeNAS.
For Windows 8 and above, Microsoft has been promoting their Microsoft account, which is based on an email address, over local Windows accounts. This caused samba authentication problems for FreeNAS.
For example, user basil has no problems connecting, from a Windows 7 client, to FreeNAS resources he has access to. However, he is confronted with a dialogue box, similar to the one shown below, when attempting to access the same resources after logging in using his Microsoft account firstname.lastname@example.org from a Windows 10 client.
User basil can gain access to the FreeNAS resource by entering his FreeNAS network credentials at this point. He can even get the Windows 10 client to remember his network credentials, but that would leave a ‘footprint’ behind on each Windows 8+ client he logged in from. It all gets a little out of sync as well the moment his FreeNAS password changes. It’s not ideal. Is there a better way?
More recent versions of FreeNAS support Windows 8+ through the addition of a Microsoft Account flag in user accounts.
Check the Microsoft Account flag and make sure the Email field contains the Microsoft account email address. When logging in from a Windows 8+ client, the email address is used to reference back to Username. FreeNAS authentication then proceeds in the same way as for Windows 7 or earlier clients,
One other important point is that Microsoft accounts have higher password restrictions than FreenNAS e.g. minimum password length. Users moving from say Windows 7 to Windows 10 in a FreeNAS environment, may need to update their FreeNAS password (and therefore their Windows 7 password) to match their Microsoft account password.
There are no issues working in a Windows environment with a mix of Windows 7 or earlier clients and Windows 8 or later clients. The important point is that the passwords match for the Microsoft account, local Windows account and FreeNAS account. For example, using Windows 7 or earlier clients, user basil would log in on the Windows client using his local user account basil and password. This maps directly to the FreeNAS account of the same name and matching password. For Windows 8 and later clients, user basil would log in on the Windows client using his Microsoft account email@example.com and password. Behind the scenes, FreeNAS uses the email address to reference back to user basil and matching password for authentication.
- Microsoft Account User Mapping
- Feature #7340
- Account – FreeNAS User Guide 9.10.2-U2
- Windows SMB shares – FreeNAS User Guide 9.10.2-U2