[Samba] new Win7 security setting broke Samba
abartlet at samba.org
Thu Oct 25 04:47:03 MDT 2012
On Wed, 2012-10-24 at 08:48 -0500, Snyder, Gabrielle S. (LARC-D322)[HP
> Good day all!
> I administer two Samba servers (RHEL 4.5) which, up to recently, had
> been working well. Our security officials changed the LAN Manager
> group policy for the new Win7 systems from 'Send NTLMv2 response only;
> Refuse LM' to 'Send NTLMv2 response only; Refuse LM & NTLM'. We
> were running samba 3.0.33. I have upgraded to 3.6.8-44. I have tried
> a variety of different smb.conf file options to get the new version to
> work with the mandated security policy. We only use Samba to map
> Linux shares onto Win7 clients. The Win7 clients are part of a domain
> but the Linux servers are not.
> Any help with how to setup Samba to work in this environment would be
> greatly appreciated.
Can you send in your smb.conf?
Samba has, since 3.0, accepted NTLMv2 passwords, so something else is
going wrong here. Perhaps they also set a smb signing policy, and you
didn't enable smb signing, or you are running 'security=server', which
is incompatible with NTLMv2?
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba