[Samba] authentication issues
Rowland Penny
rpenny at samba.org
Fri Mar 9 16:07:03 UTC 2018
On Fri, 9 Mar 2018 15:46:23 +0000
peter lawrie <peter.lawrie at glendiscovery.co.uk> wrote:
> Dear Rowland
> Thank you for the reply.
> I thought I had probably created an insecurity - but no worse than
> before! The previous samba was version 3.6.23-13.el5_11 on Centos
> 5.11
>
> I installed windows 10 PCs for them last year, replacing their XP
> machines and configured the following on each
> sc.exe config lanmanworkstation depend-bowser/mrxsmb10/nsi
> sc.exe config mrxsmb20 start = disable
>
> Now I need to reverse this.
> I only had a limited time on site to install the new server. The
> priority was to get it in with minimum disruption. -
> It's a construction company - as long as they can see their data they
> don't care about security (unless something goes awry in which case I
> could be in trouble - but not until.)
> Now I will need to go back at a suitable time to resolve the security
> issues
>
> It would be greatly appreciated if I had precise instructions.
> I could experiment with my own windows 10 PC but my server is only
> Centos 6.9 with samba-3.6.23-43.el6_9.x86_64
> I have lanman auth = yes in my smb.conf, but no ntlm auth
I thought you said you had added 'ntlm auth = yes' ?
I might also point out that lanman auth is even worse than NTLMv1, have
you got 5 minutes whilst I crack the lanman auth password ?
>
> What should I change in smb.conf and I presume I will need to change
> the mrxsmb20 in each of the PCs
Having never seen the smb.conf, I have no idea, can you post a
sanitised copy.
You may also have to revert any changes that have been made to the
windows machines.
Rowland
More information about the samba
mailing list