[Samba] Cross-domain share access via same user+password doesn't work anymore

Rowland penny rpenny at samba.org
Tue Sep 8 08:27:09 UTC 2020

On 08/09/2020 08:54, freebsd at tango.lu wrote:
> Hello,
> Yes that is exactly what I thought that it is not a config issue 
> because with nearly the same config it works on the 3.6 and not the 4.x.
> So yet again typical example of a software actually getting WORSE than 
> improving over the years. I don't know who the hell felt that this was 
> a good idea to deprecate this mapping option but you should consider 
> putting it back and never again try to pull something like this. What 
> happened to Samba? some systemD developers crawled over there to 
> destroy the project with their stupidity? Next thing we gonna see on 
> Samba 5 hell let's change the entire config, rename all the options 
> and why not just make it XML or encrypted JSON binary config to be 
> sysadmin unfriendly. Great Success!

No, Samba has got better over the years, it is just that a very few 
people (you being one) are still using old obsolete versions of Windows. 
You are very close with your guess about Samba 5, the entire config wont 
change, but it will use XML & JSON and it will also not support anything 
other than SMBv2 & SMBv3

Coming back to your problem, you appear to be running, to all 
appearance, a BDC, the only thing I can suggest you try is to add:

client ntlmv2 auth = no
raw NTLMv2 auth = yes

To smb.conf

You could also try adding 'server max protocol = NT1'


More information about the samba mailing list