samba - Sep 2003 - can't change "client use lanman auth"?

Dear Samba-istas,

Thanks for your work on a remarkable system.  I'm having a problem
dealing with a very simple system that I can't seem to figure out. 

I have a disk being shared from a Windows ME machine (I know, but I
can't change that part) that I want to mount on various linux
machines.   I have a redhat 7.3 system that uses smbmount "Version
2.2.7-security-rollup-fix" which works fine.  When I try to mount the
share, it warns about "Called name not present", but then prompts for
a password (the windows machine has "share" security, not user), and
the share mounts just fine. 

Trying the same thing on my debian unstable system using smbmount
"Version 3.0.0beta2+3.0.0rc1-1 for Debian" I get the same warning, but
when I give the password, it reports

 Server requested LANMAN password but 'client use lanman auth' is
disabled
 6436: tree connect failed: SUCCESS - 0 
 SMB connection failed 

So, reading the documentation, it looks as if I ought to put 'lanman
auth = yes' in the globals section of my smb.conf.  I do this, and
then run testparm, and a strange thing happens.  It now reports a
'lanman auth' value, but it is 'no'!  See the smb.conf and
testparm
results below. 

The documentation doesn't say much about this, and Googling both the
web and relevant usenet groups didn't turn up anything about this
problem.  Any ideas as to (a) what might be wrong, and (b) a
workaround? 

I'd be glad to provide more information if I left out anything
important.  

Thanks very much!

Larry.hunter@uchsc.edu


  basement:~# cat /etc/samba/smb.conf 
  # Global parameters 
  [global] 
	  workgroup = 180GLENCOE 
	  domain master = no 
	  lanman auth = yes 
	  hosts allow = 127.0.0.1 216.241.42.72 216.241.42.73 216.241.42.74 
	  hosts deny = 0.0.0.0/0 

  [ipc$] 
	  path = /opt 
	  writeable = yes 
	  guest ok = yes 

  [opt] 
	  path = /opt 
	  writeable = yes 
	  guest ok = yes 

  basement:~# testparm 
  Load smb config files from /etc/samba/smb.conf 
  Processing section "[ipc$]" 
  Processing section "[opt]" 
  Loaded services file OK. 
  Server role: ROLE_STANDALONE 
  Press enter to see a dump of your service definitions 

  # Global parameters 
  [global] 
	  workgroup = 180GLENCOE 
	  client lanman auth = No 
	  client plaintext auth = No 
	  domain master = No 
	  hosts allow = 127.0.0.1, 216.241.42.72, 216.241.42.73, 216.241.42.74 
	  hosts deny = 0.0.0.0/0 

  [ipc$] 
	  path = /opt 
	  read only = No 
	  guest ok = Yes 

  [opt] 
	  path = /opt 
	  read only = No 
	  guest ok = Yes 
  basement:~#  

basement:~# smbmount //pc/music /mnt/music 
Password:  
Server requested LANMAN password but 'client use lanman auth' is
disabled
6529: tree connect failed: SUCCESS - 0 
SMB connection failed 
basement:~#

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 4 Sep 2003, Larry Hunter wrote:
>  Server requested LANMAN password but 'client use lanman auth' is
disabled
>  6436: tree connect failed: SUCCESS - 0 
>  SMB connection failed 
> 
> So, reading the documentation, it looks as if I ought to put 'lanman
> auth = yes' in the globals section of my smb.conf.  I do this, and
> then run testparm, and a strange thing happens.  It now reports a
> 'lanman auth' value, but it is 'no'!  See the smb.conf and
testparm
> results below. 
We're working on this.  Set 'client ntlmv2 auth = no' in the
[global]
section and this should give you a workaround for the time being.




cheers, jerry
 ----------------------------------------------------------------------
 Hewlett-Packard            ------------------------- http://www.hp.com
 SAMBA Team                 ---------------------- http://www.samba.org
 GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
 "You can never go home again, Oatman, but I guess you can shop
there."
                            --John Cusack - "Grosse Point Blank"
(1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE/WAzaIR7qMdg1EfYRAhLgAKCDlt31HhyC180nSckv4AelLp+B5ACcCo1T
DObQIsh/ckPRRVUbnqTqmfg=wKaQ
-----END PGP SIGNATURE-----