Daniel Carrasco
2017-Oct-30 10:05 UTC
[Samba] Unable to authenticate with Samba 4.5 from XP box
Hello,
I've a computer that has XP for compatibility purposes and is outside the
domain.
I'm trying to mount some shares that are on a Member Server with Samba 4.5
but always get an error saying that password is wrong. All other computers
can enter to shares without problem and I'm sure that the password is OK
because I can login on Windows 7 computer and even I've mounted a share
from another Windows 7 computer that is also outside the domain, so looks
like is a problem with that XP Computer.
Is there any way to allow to an XP user to login into Samba 4.5 share?
I've already tried this three options:
ntlm auth = yes
raw NTLMv2 auth = yes
lanman auth = yes
And using IP limitation instead user login works fine.
Thanks!!
--
_________________________________________
Daniel Carrasco Marín
Ingeniería para la Innovación i2TIC, S.L.
Tlf: +34 911 12 32 84 Ext: 223
www.i2tic.com
_________________________________________
L.P.H. van Belle
2017-Oct-30 10:21 UTC
[Samba] Unable to authenticate with Samba 4.5 from XP box
Try this: Goto the policy editor. The computer settings. Security Settings\\Local Policies\\Security Option Change : Network security: LAN Manager authentication level" And set : only use NTLMv2 authentication Reboot the computer 2 times. And test again. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Daniel Carrasco via samba > Verzonden: maandag 30 oktober 2017 11:06 > Aan: samba at lists.samba.org > Onderwerp: [Samba] Unable to authenticate with Samba 4.5 from XP box > > Hello, > > I've a computer that has XP for compatibility purposes and is > outside the > domain. > I'm trying to mount some shares that are on a Member Server > with Samba 4.5 > but always get an error saying that password is wrong. All > other computers > can enter to shares without problem and I'm sure that the > password is OK > because I can login on Windows 7 computer and even I've > mounted a share > from another Windows 7 computer that is also outside the > domain, so looks > like is a problem with that XP Computer. > > Is there any way to allow to an XP user to login into Samba 4.5 share? > > I've already tried this three options: > ntlm auth = yes > raw NTLMv2 auth = yes > lanman auth = yes > > And using IP limitation instead user login works fine. > > Thanks!! > > -- > _________________________________________ > > Daniel Carrasco Marín > Ingeniería para la Innovación i2TIC, S.L. > Tlf: +34 911 12 32 84 Ext: 223 > www.i2tic.com > _________________________________________ > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Rowland Penny
2017-Oct-30 10:30 UTC
[Samba] Unable to authenticate with Samba 4.5 from XP box
On Mon, 30 Oct 2017 11:05:52 +0100 Daniel Carrasco via samba <samba at lists.samba.org> wrote:> Hello, > > I've a computer that has XP for compatibility purposes and is outside > the domain. > I'm trying to mount some shares that are on a Member Server with > Samba 4.5 but always get an error saying that password is wrong. All > other computers can enter to shares without problem and I'm sure that > the password is OK because I can login on Windows 7 computer and even > I've mounted a share from another Windows 7 computer that is also > outside the domain, so looks like is a problem with that XP Computer. > > Is there any way to allow to an XP user to login into Samba 4.5 share? > > I've already tried this three options: > ntlm auth = yes > raw NTLMv2 auth = yes > lanman auth = yes > > And using IP limitation instead user login works fine. > > Thanks!! >It should be able to connect from the XP machine, but it depends on both being setup correctly, so can you post the smb.conf from the 4.5 computer. Rowland
Daniel Carrasco
2017-Oct-30 11:19 UTC
[Samba] Unable to authenticate with Samba 4.5 from XP box
Thanks L.P.H and Rowland, I've just tested the L.P.H solution and after reboot I'm able to authenticate with the member server without problem. Is slow listing folders with much objects but works (maybe happened always). Here's my smb.conf: [global] workgroup = DOMAIN security = ADS realm = DOMAIN.COM server role = member server dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab idmap config *:backend = tdb idmap config *:range = 3000-7999 idmap config ACONFI:backend = rid idmap config ACONFI:schema_mode = rfc2307 idmap config ACONFI:range = 10000-999999 winbind nss info = rfc2307 # winbind trusted domains only = no winbind use default domain = yes # winbind enum users = yes # winbind enum groups = yes winbind offline logon = yes # winbind refresh tickets = Yes # winbind expand groups = 4 winbind normalize names = Yes # domain master = no # local master = no vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes log level = 3 # Configuramos la papelera de reciclaje y el audit vfs objects = recycle full_audit # Papelera de reciclaje recycle:repository = /server/share/Papelera/ recycle:keeptree = yes recycle:versions = yes # No recicla ficheros vacios recycle:minsize = 1 # Excluye ficheros temporales recycle:exclude = *.tmp, *.TMP, *.temp, *.TEMP, *.o, *.obj, ~$*, *.lock, *.lck, *.sqlite-wal, *.bak, thumb.db # No recicla ficheros del escaner #recycle:exclude_dir = /server/share/Escaner/ # Audit full_audit:prefix = %u|%I|%m|%R|%S full_audit:success = chmod chmod_acl chown connect disconnect link mkdir pread pwrite read removexattr rename rmdir setxattr unlink write full_audit:failure = none full_audit:facility = LOCAL7 full_audit:priority = NOTICE [Folder] path = /server_ssd/share/folder read only = no browsable = yes valid users = @allowed_group .... And more shares with similar configuration (only changes valid users). Greetings!! 2017-10-30 11:30 GMT+01:00 Rowland Penny via samba <samba at lists.samba.org>:> On Mon, 30 Oct 2017 11:05:52 +0100 > Daniel Carrasco via samba <samba at lists.samba.org> wrote: > > > Hello, > > > > I've a computer that has XP for compatibility purposes and is outside > > the domain. > > I'm trying to mount some shares that are on a Member Server with > > Samba 4.5 but always get an error saying that password is wrong. All > > other computers can enter to shares without problem and I'm sure that > > the password is OK because I can login on Windows 7 computer and even > > I've mounted a share from another Windows 7 computer that is also > > outside the domain, so looks like is a problem with that XP Computer. > > > > Is there any way to allow to an XP user to login into Samba 4.5 share? > > > > I've already tried this three options: > > ntlm auth = yes > > raw NTLMv2 auth = yes > > lanman auth = yes > > > > And using IP limitation instead user login works fine. > > > > Thanks!! > > > > It should be able to connect from the XP machine, but it depends on > both being setup correctly, so can you post the smb.conf from the 4.5 > computer. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- _________________________________________ Daniel Carrasco Marín Ingeniería para la Innovación i2TIC, S.L. Tlf: +34 911 12 32 84 Ext: 223 www.i2tic.com _________________________________________