NethServer Version: 7.4.1708 plus all updates Module: nethserver-samba (samba 4.6.2)
Can’t seem to access any non-guest share from a Windows XP computer (XP Pro SP3).
Can happily access the same non-guest share from Win10 computer .
I’m not trying to join the computer to the domain, just access a share from the computer.
Samba log message is domain_client_validate: unable to validate password for user XXXXX in domain to Domain controller YYYYY. Error was NT_STATUS_WRONG_PASSWORD
Since I can access a guest share, is it something to do with how password is encrypted and sent to server for authentication??
I found an old XP VM and could connect as DOMAIN\username to my home share and to a folder with domain users access on my NethServer with samba dc as account provider without XP being a domain member.
You may try to connect via ip instead of servername or other way round. Is your NethServer DNS server of your XP? What if you join your XP to the domain?
I should have guessed I would get at least one of those comments pike! Unfortunately the XP is here to stay for a while longer. It runs some free software that is still better than the best current alternatives. (Its in a VM at least! - nicely contained and only used as required).
Have tried to connect via IP but no more success. The XP box seems to be resolving OK - I can browse to the NS shares and/or use the ip address to get to the machine and it sees the available shares. And since NS server is logging the attempt, it would seem that my attempted access is being seen by NS.
The XP box used to connect to a different computer with the same IP address and same username (the nethserver’s predecessor). The only thing I could think of is that the XP box is somehow holding the old credentials (ie password) and using those rather than the new ones. But I tried to access the shares with a newly created account on NS from XP but that didn’t work either.
Just confirming though should I be using DOMAIN\username, or NETBIOSNAME\username
And is username FQN??
What I have been using works on Windows 10, but not on XP. Maybe there’s some difference??
Maybe it’s a change in the protocol for SMB. Here’s a comment I wrote in the Rune forum after I could no longer connect to the NS shares after upgrading:
OK, it’s the “sec=ntlm” parameter that causes this.
If I enter the exact command as Rune in the command line, I get the “Permission denied” error. If I drop the “sec=ntlm” parameter, or change it to “sec=ntlmssp”, then the mount is successful.
Not sure how you can force XP to alter the behaviour though.
Thanks. That’s the sort of issue it seemed like. I will try those options and if it works, then at least we know the cause and can then look at the best way forward. Will report back!
OK. Adjusting XP policies…
Setting policy to “Send NTLMv2 response only” worked.
Setting policy to “Send LM & NTLM – use NTLMv2 session security if negotiated” did NOT work.
With this setting, no need to modify smb.conf, so that’s good.
.
Would be a good tip for the generic “How-To” section…
I’d first open a new topic “Please tell us your hints and tricks about windows clients”.
" Hi guys, we’re about to create a wiki page about windows troubleshooting, so we need your expereances and solutions for windows problems you solved. Important to know what win version!"…
Then select from the replys the best one and create a wiki page.
The wiki page may be created directly in the wiki. The idea is to collect some windows hints in a new topic here first and put the best ones to the wiki afterwards.