What version of Vista are you talking about? I use Vista Business and Ultimate but if you are using Vista Home or Premium, then you need to edit your registry. Start:Run:regedit, change the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LMCompatibilityLevel from a 3 to a 1.
However I did completely overlook the obvious way to solve this, you could enable NTLMv2 support in your smb.conf. By default NTLMv2 auth is not enabled. You would have to add the following and restart smbd: client ntlmv2 auth = yes >From the smb.conf man page: client ntlmv2 auth (G) This parameter determines whether or not smbclient(8) will attempt to authenticate itself to servers using the NTLMv2 encrypted pass- word response. If enabled, only an NTLMv2 and LMv2 response (both much more secure than earlier versions) will be sent. Many servers (including NT4 < SP4, Win9x and Samba 2.2) are not compatible with NTLMv2. Similarly, if enabled, NTLMv1, client lanman auth and client plain- text auth authentication will be disabled. This also disables share-level authentication. If disabled, an NTLM response (and possibly a LANMAN response) will be sent by the client, depending on the value of client lanman auth. Note that some sites (particularly those following âbest practiceâ security polices) only allow NTLMv2 responses, and not the weaker LM or NTLM. Default: client ntlmv2 auth = no Andrew Philipoff Programmer Analyst Information Technology Services Department of Medicine University of California, San Francisco Phone: 415-476-1344 Help Desk: 415-476-6827 -----Original Message----- From: Robert Pollard [mailto:[EMAIL PROTECTED] Sent: Thursday, January 24, 2008 2:13 PM To: Philipoff, Andrew; samba@lists.samba.org Subject: Re: [Samba] Windows Vista password dialog keeps coming up I don't have "Local Security Policy" option in the Administrative menu. Is this something else they left out that I have to manually install? ----- Original Message ----- From: "Philipoff, Andrew" <[EMAIL PROTECTED]> To: "Robert Pollard" <[EMAIL PROTECTED]>; <samba@lists.samba.org> Sent: Thursday, January 24, 2008 3:56 PM Subject: RE: [Samba] Windows Vista password dialog keeps coming up I don't know the answer to your first question. To edit this local security policy on a Vista system: Start:Programs:Administrative Tools:Local Security Policy:Local Policies:Security Options:Network Security:LAN Manager authentication level. In the pull-down menu select "Send LM & NTLM - use NTLMv2 session security if negotiated" Then click on the Apply button. It might ask you to reboot the system. Andrew Philipoff Programmer Analyst Information Technology Services Department of Medicine University of California, San Francisco Phone: 415-476-1344 Help Desk: 415-476-6827 -----Original Message----- From: Robert Pollard [mailto:[EMAIL PROTECTED] Sent: Thursday, January 24, 2008 1:46 PM To: Philipoff, Andrew; samba@lists.samba.org Subject: Re: [Samba] Windows Vista password dialog keeps coming up 2 questions: 1. Why does 2 accounts work fine and the third one not? 2. How do you set the local security policy? What app do you use? Thanks! ----- Original Message ----- From: "Philipoff, Andrew" <[EMAIL PROTECTED]> To: "Robert Pollard" <[EMAIL PROTECTED]>; <samba@lists.samba.org> Sent: Thursday, January 24, 2008 3:42 PM Subject: RE: [Samba] Windows Vista password dialog keeps coming up By Default Vista clients expect that SMB connections will use NTLMv2 only. You could set the Vista client local security policy to "Send LM & NTLM - use NTLMv2 session security if negotiated". Andrew Philipoff Programmer Analyst Information Technology Services Department of Medicine University of California, San Francisco Phone: 415-476-1344 Help Desk: 415-476-6827 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Pollard Sent: Thursday, January 24, 2008 1:34 PM To: samba@lists.samba.org Subject: [Samba] Windows Vista password dialog keeps coming up Hi, I have come to my wits end again (lately, it's a very short trip). I have been trying to connect to Samba 3.0.21b but Windows keeps throwing up the logon dialog. I'm using "Map network drive" to try to mount this share. It seems the problem is only on the Windows side since I have tested the connection through the Unix account. Both user id and password work fine. I've tested it through the command line on the Unix server using "smbclient //cva/cva_images -U cva" and it works fine there since it gives me the smb prompt and I can execute commands (ls to look at the directory, etc.). For some reason I cannot authenticate through Windows (Vista by the way). I have 2 other accounts and they work fine. Anything you see in the file that may be something that is stupid please point it out. SMB/NetBIOS, etc. is all relatively new to me. BTW, I've tried it without valid users and it doesn't work. The "images" and "bernardy_images" mounts work fine. No authentication problems. smb.conf content: # Samba config file created using SWAT # from 192.168.1.103 (192.168.1.103) # Date: 2008/01/24 15:29:49 [global] netbios aliases = bernardy, kullback, cva wins support = Yes valid users = im_user, bernardy [bernardy_images] comment = Bernardy images for viewing path = /data/images/image_viewing/bernardy username = bernardy valid users = bernardy, im_user, Robert read list = bernardy, Robert write list = Robert, im_user read only = No [homes] comment = Home Directories invalid users = root, admin, bin, daemon, sys, adm, uucp, nuucp, smmsp, listen, gdm, webservd, rpollard, mysql valid users = im_user, bernardy, kullback, cva [images] comment = Image administrator access point path = /data/images username = im_user valid users = im_user read only = No [kullback_images] comment = Viewing directory for Kullback path = /data/images/image_viewing/kullback username = kullback valid users = im_user, kullback read list = kullback, im_user write list = im_user read only = No [cva_images] comment = CVA image viewing directory path = /data/images/image_viewing/cva username = cva valid users = cva, im_user, Robert read list = im_user, cva, Robert write list = im_user, Robert read only = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba