Use NTLMv2 Authentication with Samba

windows-10 windows samba samba4

Trying to connect to Samba shares on a Linux host with a Windows 10 client, even after setting the client Security Policy to allow non-NTLMv2 authentication, the client still gives errors like "The specified password is not correct." when using valid account credentials.

It sounds like most systems can support NTLMv2 authentication, so I'd like to just enable it on my Samba host and no longer worry about supporting the older protocols. It sounds like Samba defaults to having the NTLMv2 option, but, what parameters do I need to set to satisfy Windows (i.e. use NTLMv2 only)?


Supposedly, Samba's defaults match the following values, but I had to set them explicitly:

lanman auth = no
ntlm auth = yes
client lanman auth = no

Check the Windows registry for the key:

HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel

If this is set to 0 then Windows will try to connect only using NTLMv1. I have seen this registry key set like this on several Windows 10 machines, and I'm not sure why. However, you can delete this registry key and Windows will revert to its default behavior which is to use NTLMv2 and connect to Samba 4 fine.

Related

RAID vs software defined Block Storage
Is this is a malware invocation of Powershell?
HP P840 HDD RAID 5 many strange drive failures
In Azure Sandbox, can't create a WordPress site [closed]
Life span of Pentium computers
On-line file storage? [closed]
Why is SQL Server Managment Studio so slow to open? [closed]
Starting managed Windows deployment
Installing PHP 5.3 on Ubuntu server
Can an x86 host run x64 guests?
Measure bandwidth usage (GB's transferred) on a linux server
Hardening a financially critical Windows computer