[Samba] Win 10 cannot connect with (some variations of) 'smb encrypt = desired'
slow at samba.org
Fri Jan 20 14:15:43 UTC 2017
On Fri, Dec 23, 2016 at 02:21:16PM -0600, Chad William Seys via samba wrote:
> Hi all,
> There are some surprises when trying to connect Windows 10 (up to date circa
> Dec 2016) to Samba (4.5.2) with 'smb encrypt = desired' as a config option.
> I've made a grid of some of the combinations 'smb encrypt = desired'
> settings below.
> The biggest surprise is that if 'smb encrypt = desired' is set globally and
> in the share, Windows 10 cannot connect at all, but if 'smb encrypt =
> required' globally then Windows 10 can connect.
> "Connecting" was tested by first logging out of Windows, restarting the smbd
> daemon, logging in to Windows, opening Explorer, and typing the URL (UNC?)
> into the address bar. No credentials were saved in Credential Manager.
> browse - specify hostname, but not share name - \\smb.physics.wisc.edu
> select - browse shares as above, then select the share name in Explorer
> direct - specify hostname and sharename - \\smb.physics.wisc.edu\smb
> G - global
> S - per share
> browse | select | direct
> smb encrypt (no G, no S) = '' Y | Y | Y
> smb encrypt (G, no S) = required Y | Y | Y
> smb encrypt (no G, S) = desired Y | N | Y
> smb encrypt (G and S) = desired N | N/A | N
> smb encrypt (G, no S) = desired N | N/A | N
> - Shouldn't the last two combos create the same final connection as a global
> 'smb encrypt = required'?
>  Successful login needed before shares are visible.
>  Error message is "multiple connections to a server or a shared resource
> by the same user, using more than one user name, are not allowed.
> Disconnect all [...]"
>  Error message is "The specified server connot perform the requested
>  Error message is "Check the spelling of the name. Otherwise there might
> be a problem with your network."
>  Browsing shares connection not encrypted. When trying to enter a share,
> possibly Samba/Windows tries to create an encrypted connection leading to
> . If it is not possible to renegotiate encryption, then the unencrypted
> connection should be used instead (remember that 'smb encryption =
hm, this sounds different then
but can you please test with the patch proposed here:
More information about the samba