Shares on non-domain network devices

Please, would you try “user@domain.ext” pattern?
If it does not work, try with “Domain\user” pattern.

I hat that Idea, too, but It does not work from scratch: The TV does not offer \ and @ within the users names.
But I will try something different today evenent:

I attached a Bluetooth keyboard to my TV and I am able to do user entries using my Iphone. I will try that today evening.

Also I will try to reset the network settings. I do not have the Nethserver online for a long time. Maybe DNS ist still pointing to the old Zentyal server, which had the same host name while FQDN is different, of course.

Additionally it is not required for some kind of music hardware for which I createt the user “sanas” from that I think / hope the UserPrinciple name or the full domain name is not required on my TV.

Sorry… i misused text formatting



no changes:
DNS / Netzwork is correct on TV
neither user@mydomain.tld nor MyAD\User ist possible for the TV using TV Remote app or Bluethooth keyboard.

The error screen on the TV reads:
“Error connecting server. Please change settings. Try again later” (or similiar)

Again: Quite intereting: Open / public shares are not a problem.

Are there any logfiles I may review?


I think you can find something in


Could this be an invalid certificate issue ? The TV trying to connect using SSL, but encountering a self-signed certificate, could lead to authentication failures.

See SSL certificates for Samba AD (NSDC host)

1 Like

Also, I added that to the previous post but changed my mind … but: if you are using a domain account, the TV will use it’s DNS to resolve the domainname to an authorative server. If your TV’s DNS server is not aware of the domain, it will not find your ad server unless you have to enter it in the settings. In that case, use the IP of your AD container.

I do not think so: The TV was fine with Zentyal. I did not have a Samba Certificate either. Anyway I like your hint and I will add Samba Certificates as directed :slight_smile:


Nice tip, I will try out. But how does this work if the TV does not have “a regular DNS server” e.e. to connect to the internet. Advantage: This will increasy my privacy. Disadvantage: some apps like VOD will not work any more.

Will give Feedback ASAP.


If possible, the easiets setup would be:

NethServer should have DHCP role, NethServer DHCP scope should give the containers IP as DNS server.
DNS setting on NethServer network can be your ISP or OpenDNS or whatever will resolve outside DNS.

Notice the IP of the Domain Controller in the the above picture, and the DNS server given in the DHCP scope. This way, all devices on your network will use NethServer as DNS server, and NethServer will use google in my case to resolve everything else.

Ok I will try that. Thank you.

But in this case nethserver itself ist not the DNS but the IP of the AD container, correct?

Correct. As soon as you enable the AD module on Nethserver, you should use the DNS provided by i for at least domain clients. You should configure the upstream DNS server on the Networking page, and the rest will manage itself.

Any custom DNS records should be made using the mmc DNS snapin, not on the Nethserver DNS page. You will not see the changes there either, as it is a separate DNS server.

OK, lasts more alternatives (which could be fine also without changing network structure/settings as @planet_jeroen suggested)

(CamelCase is wrote only for better reading, “%” should not be considerate litterally)

Suggestion made by @planet_jeroen are fine if you want to use NethServer as a network service provider for DHCP, DNS server and other nice things, even if you want to use NethServer as network gateway.
But sometimes people only want to add/change the piece they already have without change other things…

1 Like


no change: none of the suggested ideas help. I do not get why I can access the shares when open to public but not if passwords / user / groups are set.

THX for further ideas…


Gave up - without solution.

Did you try a software/firmware update of your TV?

Maybe “old sharing style” works:

or ntlm issue

1 Like

WARNING! Changing samba auth/protocols is BAD for security.

Add ntlm auth = yes to the global section of /var/lib/machines/nsdc/etc/samba/smb.conf.
Restart the samba server to apply the config with systemctl -M nsdc restart samba

Maybe wrong smb protocol version is the problem:

Of course, latest version, but it is still old (2015)

Create users on the command line? mmmm … Not happy about it. It was not necessary on Zentyal 3.2 which had Samba4 / AD (early adoption) implemented either.

did that without success (and returned). Question:

systemctl -M nsdc restart samba

was unexpected fast (less < 1 second without errors or other output). Are you sure this command is enough to restart complete file sharing structure? I mean it should restart complete sambe (not only the nsdc section), correct? Maybe some more agressive, e.g. reboot?

Where do I add something like

server max protocol = LANMAN1

is it the [global] section?


It only restarts samba in the nsdc.

I don’t know if it makes sense to put it to local /etc/samba/smb.conf and restart with systemctl restart smb too.