[Samba] authentication issues

Rowland Penny rpenny at samba.org
Fri Mar 9 16:07:03 UTC 2018

On Fri, 9 Mar 2018 15:46:23 +0000
peter lawrie <peter.lawrie at glendiscovery.co.uk> wrote:

> Dear Rowland
> Thank you for the reply.
> I thought I had probably created an insecurity - but  no worse than
> before! The previous samba was  version 3.6.23-13.el5_11 on Centos
> 5.11
> I installed windows 10 PCs for them last year, replacing their XP
> machines and configured the following on each
> sc.exe config lanmanworkstation depend-bowser/mrxsmb10/nsi
> sc.exe config mrxsmb20 start = disable
> Now I need to reverse this.
> I only had a limited time on site to install the new server. The
> priority was to get it in with minimum disruption. -
> It's a construction company - as long as they can see their data they
> don't care about security (unless something goes awry in which case I
> could be in trouble - but not until.)
> Now I will need to go back at a suitable time to resolve the security
> issues
> It would be greatly appreciated if I had precise instructions.
> I could experiment with my own windows 10 PC but my server is only
> Centos 6.9 with   samba-3.6.23-43.el6_9.x86_64
> I have lanman auth = yes in my smb.conf, but no ntlm auth

I thought you said you had added 'ntlm auth = yes' ?
I might also point out that lanman auth is even worse than NTLMv1, have
you got 5 minutes whilst I crack the lanman auth password ?

> What should I change in smb.conf and I presume I will need to change
> the mrxsmb20 in each of the PCs

Having never seen the smb.conf, I have no idea, can you post a
sanitised copy.

You may also have to revert any changes that have been made to the
windows machines.


More information about the samba mailing list