[Samba] Samba4 server is not accessible for logon from Windows 2008R2 SP1.
Rowland Penny
rpenny at samba.org
Mon Nov 20 21:17:53 UTC 2017
On Mon, 20 Nov 2017 22:45:08 +0300
"CpServiceSPb . via samba" <samba at lists.samba.org> wrote:
> I discovered the situation.
> When attempting to logon from Windows 2008R2 to Samba4 is made we can
> see in Samba smbd log the following important for understanding the
> situation lines:
>
> [2017/11/20 13:25:52.040094, 2, pid=7100, effective(0, 0), real(0,
> 0)] ../libcli/auth/ntlm_check.c:430(ntlm_password_check)
> ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user
> <username> [2017/11/20 13:25:52.040110, 3, pid=7100, effective(0,
> 0), real(0, 0)] ../libcli/auth/ntlm_check.c:437(ntlm_password_check)
> ntlm_password_check: NEITHER LanMan nor NT password supplied for
> user <username>
>
> It tell us that Samba4 doesn't wany to accept NTLMv1 authentication.
>
> So, it is easy to solve (as was in my case) .
> You should put to smb.conf to
> [general] section the followng line:
> ntlm auth = yes
>
>
> also I set max protocol = SMB3
> but I think that it is not important for this case.
>
> After changing smb.conf restarting of Samba4 services are necessary.
>
> So I can mark the topic as Solved !
The correct cure is to make your 2008R2 use NTLMv2 instead of NTLMv1
Or rather, find out why your 2008R2 server isn't using NTLMv2 by
default.
The default for 'ntlm auth' was changed from 'yes' to 'no' for a reason.
Rowland
More information about the samba
mailing list