[Samba] SAMBA 4.5.0

Tim Dittler tim.dittler at rosalux.org
Thu Oct 13 07:26:38 UTC 2016

Just a note: I read the changelog and was aware of the change. However,
I was not aware, that almost none of our network scanners would support
NTLMv2. Different models and brands.
Therefore, I was forced to revert this change.

Best regards,

On 10.10.2016 11:31, Rowland Penny via samba wrote:
> If you read the release notes for 4.5.0, you will find this:
> NTLMv1 authentication disabled by default
> -----------------------------------------
> In order to improve security we have changed
> the default value for the "ntlm auth" option from
> "yes" to "no". This may have impact on very old
> clients which doesn't support NTLMv2 yet.
> The primary user of NTLMv1 is MSCHAPv2 for VPNs and 802.1x.
> By default, Samba will only allow NTLMv2 via NTLMSSP now,
> as we have the following default "lanman auth = no",
> "ntlm auth = no" and "raw NTLMv2 auth = no".
> If you must use the insecure 'ntlm', I am sure you can work out from
> the above what you must add to smb.conf

More information about the samba mailing list