On Wed, 2017-05-24 at 16:18 -0300, Marcio Costa via samba
wrote:> Hello.. My server have this settings in [global] section:
>
> max protocol = smb3
> min protocol = smb2
>
> When I try connect to server using my clients (Centos 7.3/Ubuntu 16.04) I
> can't because clients still trying NT1.
>
> I must explicity add in smb.conf on clients the option ' client max
> protocol = smb3' and the connections works again.
>
> The question is: If I have defined the min and max protocols in server, I
> believe that the automatic negotiation between server and clients must use
> smb2 or smb3, and the client should not try use another protocol (NT1).
> I'm wrong ?
We have not updated the client max protocol because it removes the cifs
unix extension support, as sadly this was not defined swiftly after
smb2 was released. This means we can subsequently negotiate those
extensions, which some folks rely on.
But this fails to consider the situation where only SMB2/3 is offered
(as it should be, given recent security stuff).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba