[Samba] samba 4.5.10 and old clients with NTLMv1
L.P.H. van Belle
belle at bazuin.nl
Thu Jul 27 10:53:50 UTC 2017
I suggest these settings.
lm announce = no
lanman auth = no
ntlm auth = no
client lanman auth = no
client ntlmv2 auth = yes
This keeps samba secure and allows XP clients.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ph
> Lachaud via samba
> Verzonden: donderdag 27 juli 2017 12:38
> Aan: samba
> Onderwerp: Re: [Samba] samba 4.5.10 and old clients with NTLMv1
>
> Hello Stefan,
> had the same problem here, as you said adding "ntlm auth =
> yes" solved it, so yes it will work with this added to the
> global conf.
> The problem comes from this option being set to "no" by
> default with the new versions.
> Don't know about setting this specific parameter for a share
> only, interested in the answer.
> Regards.
>
> Le Jeudi 27 juillet 2017 11h29, Stefan G. Weichinger via
> samba <samba at lists.samba.org> a écrit :
>
>
>
> At a customer they still have some old VMs around that run Windows XP.
>
> Yes, I already provided them with newer VMs ... but the users
> still need/want the old machines as well.
>
> Now the batch file with the "net use" statements fail, as far
> as I have researched because of the weak and outdated NTLMv1:
>
> [2017/07/27 11:11:08.538343, 2]
> ../libcli/auth/ntlm_check.c:424(ntlm_password_check)
> ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user vmuser1
>
> I assume I can enable that via the parameter "ntlm auth = yes"?
> Currently it is "no", sure.
>
> It's a global parameter, according to the man page, is there
> a way to only enable NTLMv1 for this specific share?
>
> thanks, regards, Stefan
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list