samba - Jun 2017 - Disable Samba V1 communication protococl between server and AD controller

Dear Samba community,

My name is Mengxing Cheng and I am HPC system admin at the University of
Chicago. We run Samba 3.6.23-25 on Red Hat Enterprise Linux Server release 6.7.
We would like to completely close v1 as suggested by the campus security team.

The problem is that, though we have specify min protocol = SMB2 in the [global]
section of smb.conf, some v1 communications as follows still appear in the
packet captures on the AD controllers.

SMB:C; Negotiate, Dialect = PC NETWORK  PROGRAM 1.0, MICROSOFT NETWORKS 1.03
SMB:R; Negotiate, Dialect is NT LM 0.12(#9), SpnegoToken(1.3.6.1.5.5.2)

Does anyone know how to completely disable v1 protocol?

Thank you!

Mengxing


---
Mengxing Cheng, Ph.D.
HPC System Administrator
Research Computing Center
The University of Chicago

On Mon, Jun 19, 2017 at 04:52:42PM +0000, Mengxing Cheng via samba
wrote:
> Dear Samba community,
> 
> My name is Mengxing Cheng and I am HPC system admin at the University of
Chicago. We run Samba 3.6.23-25 on Red Hat Enterprise Linux Server release 6.7.
We would like to completely close v1 as suggested by the campus security team.
> 
> The problem is that, though we have specify min protocol = SMB2 in the
[global] section of smb.conf, some v1 communications as follows still appear in
the packet captures on the AD controllers.
> 
> SMB:C; Negotiate, Dialect = PC NETWORK  PROGRAM 1.0, MICROSOFT NETWORKS
1.03
> SMB:R; Negotiate, Dialect is NT LM 0.12(#9), SpnegoToken(1.3.6.1.5.5.2)
> 
> Does anyone know how to completely disable v1 protocol?
> 
> Thank you!
I think you're going to need to upgrade to Samba 4.6.x
in order to make progress here. It's probably winbindd
from 3.6.x that is making these connections.