I have some old boxes called Auditron that use an ancient version of
Windows CE. These clients worked fine on Fedora 19 with Samba 3.
I have now upgraded to Fedora 22 and Samba 4, and now these old boxes no
longer connect.
This is the config file I am using that was working fine:
# Global parameters
[global]
netbios name = MEDIA
server string = %v Samba on %h
interfaces = 172.16.2.3/255.255.255.0
bind interfaces only = Yes
security = USER
map to guest = Bad User
private dir = /opt/samba-media/private
passdb backend = tdbsam:/opt/samba-media/private/passdb.tdb
lanman auth = Yes
max log size = 100000
write raw = No
unix extensions = No
deadtime = 1
keepalive = 30
load printers = No
wins support = Yes
lock directory = /opt/samba-media/var/locks
state directory = /opt/samba-media/var/locks/state
cache directory = /opt/samba-media/var/locks/cache
pid directory = /opt/samba-media/var/locks
ncalrpc dir = /opt/samba-media/ncalrpc
winbindd socket directory = /opt/samba-media/var/winbindd
winbindd privileged socket directory =
/opt/samba-media/var/winbindd_privileged
idmap config * : backend = tdb
use client driver = Yes
case sensitive = No
[audio]
comment = Audio
path = /export/home2/media/audio
force user = media
force group = users
group = users
create mask = 0775
force create mode = 0664
force directory mode = 0664
guest ok = Yes
wide links = Yes
log file:
[2016/04/15 21:22:00.380811, 3]
../libcli/auth/ntlm_check.c:443(ntlm_password_check)
ntlm_password_check: Lanman passwords NOT PERMITTED for user atron
[2016/04/15 21:22:00.380816, 4]
../libcli/auth/ntlm_check.c:480(ntlm_password_check)
ntlm_password_check: Checking LMv2 password with domain
[2016/04/15 21:22:00.380828, 4]
../libcli/auth/ntlm_check.c:509(ntlm_password_check)
ntlm_password_check: Checking LMv2 password with upper-cased version
of domain
[2016/04/15 21:22:00.380834, 4]
../libcli/auth/ntlm_check.c:537(ntlm_password_check)
ntlm_password_check: Checking LMv2 password without a domain
[2016/04/15 21:22:00.380840, 4]
../libcli/auth/ntlm_check.c:568(ntlm_password_check)
ntlm_password_check: Checking NT MD4 password in LM field
[2016/04/15 21:22:00.380861, 3]
../libcli/auth/ntlm_check.c:587(ntlm_password_check)
ntlm_password_check: LM password, NT MD4 password in LM field and
LMv2 failed for user atron
Did Samba 4 drop all support for lanman authorization?
Googling the error messages, the supposed solution is to add lanman auth
= yes and restart, but I already have that. The user is in the
smbpasswd file.
Thanks for any help
On Fri, 2016-04-15 at 22:02 -0500, Samba user wrote:> I have some old boxes called Auditron that use an ancient version of > Windows CE. These clients worked fine on Fedora 19 with Samba 3. > > I have now upgraded to Fedora 22 and Samba 4, and now these old boxes > no > longer connect.> log file: > [2016/04/15 21:22:00.380811, 3] > ../libcli/auth/ntlm_check.c:443(ntlm_password_check) > ntlm_password_check: Lanman passwords NOT PERMITTED for user atron > [2016/04/15 21:22:00.380816, 4]> > Did Samba 4 drop all support for lanman authorization? > > Googling the error messages, the supposed solution is to add lanman > auth > = yes and restart, but I already have that. The user is in the > smbpasswd file.Yes, but do they have an LM password stored? We don't store them if lanman auth is disabled, so you have to set the password again to store the weaker hash. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Apparently Analagous Threads
- SAMBA Interdomain Trust relationships
- samba bad password count reset between logins (not loaded from login_cache.tdb)
- samba bad password count reset between logins (not loaded from login_cache.tdb)
- Password trouble with LDAP (eDirectory)
- samba bad password count reset between logins (not loaded from login_cache.tdb)