[rhn-users] Samba and NTLMv2 don't work with RedHat

Doctor Khumalo doctortechie at hotmail.com
Thu Oct 12 14:43:28 UTC 2006 

Just like the title suggests, Red Hat's version of Samba is having 
difficulty with NTLMv2.

We've moved our network to force PCs to authenticate using NTLMv2 only. The 
same smb.conf works with SuSe servers but not Red Hat servers. Both systems 
worked with NTLMv1 and LM. After moving to NTLMv2, we can no longer access 
Red Hat servers.

To successfully access the Red Hat servers, you MUST use the line

protocol = lanman2

or else Samba won’t allow the shares to connect. If I put that line in the 
smb.conf on Red Hat machines, they will connect but errors pop up when 
synchronizing files from a PC and I can't view files when connecting from a 
Mac.  It appears that the version of Samba on SuSe (v3.0.20b-3.11) allows 
NTLMv2 properly and the Red Hat version of Samba (v3.0.9-1.3E.10) does not.

The redhat-release is: Red Hat Enterprise Linux ES release 3 (Taroon Update 
8)

The uname -a is Linux stroke1 2.4.21-40.ELsmp #1 SMP Thu Feb 2 22:22:39 EST 
2006 i686 i686 i386 GNU/Linux

The output for rpm -qa | grep samba is:
redhat-config-samba-1.0.16-5
samba-common-3.0.9-1.3E.10
samba-client-3.0.9-1.3E.10
samba-3.0.9-1.3E.10


The smb.conf file is shown below (confidential info left out):


# Samba config file created using SWAT
# from localhost (127.0.0.1)
# Date: 2004/06/24 12:18:49

# Global parameters
[global]
        workgroup = GROUP
        netbios name = NAME
        security = SERVER
        password server = 15x.x0.x0.x0
        passwd program = /bin/passwd
        username map = /etc/samba/users.txt
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        local master = No
        wins server = 15x.4x.7x.2x
        server string = NAME
        invalid users = root
        null passwords = no
        #protocol = lanman2
        ntlm auth = no
        client ntlmv2 auth = yes
        client lanman auth = no
        lanman auth = no
        domain master = no
        time server = Yes
        socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
        load printers = No
        printcap name = CUPS

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No
        available = No
[home]
        comment = Home
        path = /home
        read only = No

_________________________________________________________________
Be seen and heard with Windows Live Messenger and Microsoft LifeCams 
http://clk.atdmt.com/MSN/go/msnnkwme0020000001msn/direct/01/?href=http://www.microsoft.com/hardware/digitalcommunication/default.mspx?locale=en-us&source=hmtagline

More information about the rhn-users mailing list