[Samba] Samba NTLMv2 &&128bit encryption - does it work ?
andy.marr at bt.com
andy.marr at bt.com
Fri Oct 2 09:10:51 MDT 2009
Hi all
I've has issue with widows clients connection to my samba 3.0.33 server
running on Solaris 10.
The SAMBA server has security set as ADS and It works perfectly in the
domain , except for clients which have a
GPO set with the following enabled.
Require NTMLv2 - needs to be set to enabled.
Require 128bit encryption - needs to be set to enabled.
Once my Windows admin turns these settings off the clients can connect
to the SAMBA server no problem.
With the settings turned on, the clients get error 59 "unexpected
network error has occurred".
The samba logs show "client has disconnected"
1. Its it possible to connect SAMBA to clients which have these settings
on.
2. If so are there extra config settings do I need in my smb.conf ?
My smb.conf
[global]
workgroup = STGROUP
netbios name = FGUKSHPPAY001
realm = STGROUP.COM
preferred master = no
server string = CARD DR Samba Server
security = ADS
encrypt passwords = yes
allow trusted domains = yes
client ntlmv2 auth = yes
lanman auth = No
log level = 3
log file = /var/samba/log/log.%m
max log size = 250
printcap name = /dev/null
load printers = no
idmap uid = 62000-73000
idmap gid = 6200-7300
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
allow trusted domains = yes
template homedir = /export/home/%U
template shell = /bin/bash
#============================ Share Definitions
==============================#
[lsww]
comment = lsww
path = /mirror/livesww/list
valid users = STGROUP\admandy STGROUP\admtim STGROUP\smythe
public = yes
browseable = yes
read only = yes
I have tried with and without
client ntlmv2 auth = yes
lanman auth = No
Thanks for looking. Any Ideas much appreciated.
Regards
Andy.
More information about the samba
mailing list