[Samba] Samba 3.4 Windows 95/98 logon problem
Miguel Medalha
miguelmedalha at sapo.pt
Sun Mar 21 07:08:10 MDT 2010
> we have just upgraded one of our very old Linux/Samba servers to version
> 3.4.2. After the upgrade, the Windows 95/98 clients cannot login to the
> server anymore. In the log I see 'NT_STATUS_ACCESS_DENIED' messages for
> these clients.
>
The key word here is "very old". Meanwhile, some Samba defaults changed.
The default for "client lanman auth" is now "No".
If you have Windows 9x clients, you should have the following in your
smb.conf file:
client lanman auth = Yes
From the smb.conf (5) man page:
-------------------------------
client lanman auth (G)
This parameter determines whether or not smbclient(8) and other samba
client tools will attempt to authenticate itself to servers using the
weaker LANMAN password hash. If disabled, only server which support NT
password hashes (e.g. Windows NT/2000, Samba, etc... but not Windows
95/98) will be able to be connected from the Samba client.
The LANMAN encrypted response is easily broken, due to its
case-insensitive nature, and the choice of algorithm. Clients without
Windows 95/98 servers are advised to disable this option.
Disabling this option will also disable the client plaintext auth option.
Likewise, if the client ntlmv2 auth parameter is enabled, then only
NTLMv2 logins will be attempted.
Default: client lanman auth = no
-------------------------------
More information about the samba
mailing list