Web lists-archives.com

Re: [Samba] Using MS-DOS client




On Mon, 24 Dec 2018, Luke Barone via samba wrote:

Thanks, Luke.  Unfortunately that makes no difference.  Still getting:

Error 5: Access has been denied

at the MS_DOS console.

Try adding "server max protocol = nt1" in the [global] section?

On Mon, Dec 24, 2018 at 1:59 PM Steven Hirsch via samba <
samba@xxxxxxxxxxxxxxx> wrote:

Hi, all.

I know this is ancient history, but I have a couple of DOS machines that
host older device programming hardware.  I've been able to access an older
version of Samba for years without incident.  Last weekend I upgraded my
server to Ubuntu 18.04, which provides Samba 4.7.6.  Unfortunately, after
hours of frustration I find I'm unable to connect from any of the older
machines.  By cranking up debug, I can see this:

[2018/12/24 16:04:02.012369,  2]
../source3/auth/auth.c:332(auth_check_ntlm_password)
   check_ntlm_password:  Authentication for user [HIRSCH] -> [hirsch]
FAILED with error NT_STATUS_WRONG_PASSWORD, authoritative=1
[2018/12/24 16:04:02.012420,  2]
../auth/auth_log.c:760(log_authentication_event_human_readable)
   Auth: [SMB,(null)] user []\[HIRSCH] at [Mon, 24 Dec 2018
16:04:02.012407
EST] with [LANMan] status [NT_STATUS_WRONG_
PASSWORD] workstation [vmdos] remote host [ipv4:192.168.245.103:38962]
mapped to []\[hirsch]. local host [ipv4:192.168
.245.30:139]
[2018/12/24 16:04:02.012527,  2] ../auth/auth_log.c:220(log_json)
   JSON Authentication: {"timestamp": "2018-12-24T16:04:02.012467-0500",
"type": "Authentication", "Authentication": {"
version": {"major": 1, "minor": 0}, "status": "NT_STATUS_WRONG_PASSWORD",
"localAddress": "ipv4:192.168.245.30:139", "
remoteAddress": "ipv4:192.168.245.103:38962", "serviceDescription":
"SMB",
"authDescription": null, "clientDomain": ""
, "clientAccount": "HIRSCH", "workstation": "vmdos", "becameAccount":
null, "becameDomain": null, "becameSid": "(NULL
SID)", "mappedAccount": "hirsch", "mappedDomain": "", "netlogonComputer":
null, "netlogonTrustAccount": null, "netlogo
nNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0,
"netlogonTrustAccountSid": "(NULL SID)", "passwordType
": "LANMan"}}

But, the password IS correct and works fine from, e.g. smbclient on
another Linux host.  I've tried setting:

encrypt passwords = no

but it makes no difference (other than to prevent smbclient from working).

On the client, I'm getting 'Error 5'.

Here are my current global settings:

[global]
         workgroup = WORKGROUP
         netbios name = PII
         server string = %h server (Samba, Ubuntu)
         lanman auth = yes
         client lanman auth = yes
         ntlm auth = yes
         lm announce = yes
         lm interval = 30
         dns proxy = No
         encrypt passwords = yes
         username map = /etc/samba/smbusers
         log level = 1
         log file = /var/log/samba/log.%m
         preferred master = Yes
         domain master = Yes
         wins support = yes
         security = user
         passdb backend = tdbsam
         socket options = TCP_NODELAY
         idmap uid = 10000-20000
         idmap gid = 10000-20000
         template shell = /bin/bash
         usershare max shares = 100
         usershare allow guests = yes
         follow symlinks = yes
         wide links = yes
         unix extensions = no

The password was set using 'smbpasswd -a' and - as mentioned - works
properly from other clients.

It is very important to me that I get MS-DOS access working again and
would appreciate any advice or suggestions.  This is for use only on a
home LAN with all incoming outside connections blocked.  Security is not
a concern for me.



--

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

--

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba