On Fri, 3 Nov 2023 12:27:57 +0100
cYuSeDfZfb cYuSeDfZfb via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I have configured my (RHEL9) standalone samba server with "ntlm auth
> disabled" because we understand that ntlm should be disabled nowadays.
>
> However, we can no longer use smbclient (4.17) to connect to that
> server, as:
>
> session setup failed: NT_STATUS_NTLM_BLOCKED
>
> We have also set these on the server:
> client signing = mandatory | server signing = mandatory | smb
> encrypt = mandatory
>
> How dangerous would it be to keep ntlm enabled? We do need to support
> smbclient access. What else can we do to enable smbclient access?
>
> Thank you!
I think you are confusing NTLMv1 (which you shouldn't use) and NTLMv2.
Samba has had NTLMv1 turned off since 4.7.0 , if you want file sharing,
you need NTLMv2.
Rowland