Windows 7 Client attached to a domain connecting to a Samba 3.5.2 Server

windows-7 active-directory samba

Solution 1:

Found out the problem thanks to a co-worker looking into it.

The problem is that within our environment, by default, Windows 7 required all SMB packets to be signed. Samba servers, however, do not. So there are two ways to fix this: turn off client signing in Win7 or add a flag to the smb.conf file in the global section as this: 'server signing = auto'. (we were using Samba 3.5.2).

For Windows 7, you can 'fix' this policy by making it more lenient -- going from requiring digital signatures to optionally using it if the server agrees.

Here's how you can use it:

The local windows security policy changes are as follows: Start menu type GPEdit.msc Browse to Computer Configuration->Windows Settings->Security Settings->Local Policies->Security Options Look for "Microsoft network client: Digitally sign communications (always)" and change it to Disabled

You may also need to do the same for "Microsoft network client: Digitally sign communications (if server agrees)". In theory this should be negotiated during the negotiate/challenge phase of NTLM but it may fail; NTLM doesn't explicitly demand any real negotiation.

Related

(Powershell) Method to return a list of groups where a specific user has 'write member' security
How to get an text list of login names for a user group of a windows server
How to protect my credit card transaction data from hackers proxy server? [closed]
Best failover strategy for e-mail servers on AWS to ensure high availability
openvpn: after changing to server mode, client does not create TUN device
Python equivalent to Heroku
Cisco ASA rewriting SMTP traffic to prevent mail sending
Removing mysql with yup ... does it remove the data?
where is the "module" a command coming from - aka why it doesn't show up in alias?
"I/O Error Occurred" in vSphere Client working with ESXi
openvz and iptables
SMTP server works, but telnet to port 25 does not