flur

Q: Yosemite SMB from XP/Win8

I am unable to connect to the SMB share on my newly upgraded Yosemite machines from a Windows client.   I could connect fine in Mavericks.   I can connect fine via smbclient on a linux machine.  

 

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: uid=0

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: od failed with 2 proto=lm

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: user=\

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: kdc failed with -1561745597 proto=unknown

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request guest: ok user=ORCHARD\GUEST proto=lm flags: NEG_KEYEX, ENC_128, NEG_VERSION, NEG_TARGET_INFO, NEG_NTLM2, NEG_ALWAYS_SIGN, NEG_ANONYMOUS, NEG_NTLM, NEG_SIGN, NEG_TARGET, NEG_UNICODE

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: uid=0

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: init request

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: init return domain: ORCHARD server: ORCHARD indomain was: <NULL>

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: uid=0

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: init request

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: init return domain: ORCHARD server: ORCHARD indomain was: <NULL>

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: uid=0

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: od failed with 2 proto=ntlmv1-with-v2-session

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: user=EEEPC\flur

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: kdc failed with -1561745600 proto=ntlmv1

Oct 20 12:19:34 orchard.lan digest-service[1173]: digest-request: guest failed with -1561745590 proto=ntlmv1-with-v2-session

Posted on Oct 20, 2014 9:21 AM

Close

Q: Yosemite SMB from XP/Win8

  • All replies
  • Helpful answers

Previous Page 2
  • by BlackF1re83,

    BlackF1re83 BlackF1re83 Jan 28, 2015 12:36 AM in response to NaseerKhan
    Level 1 (0 points)
    Jan 28, 2015 12:36 AM in response to NaseerKhan

    Has anyone of you tested the SMB share under a XSAN 10.10 environment?

    I recently setup an Xsan 4 Full yosemite 10.10.1 with OS X Server 4.0.3
    The MDC1 and 2 are properly configured as DNS and OD master and Replica

    Every workstation that regularly mount the Xsan volume, access to the San with an "Edit" user with ID 502
    The resharing in AFP and SMB is done byt the MDC servers by a simple local user named "share", always with ID 502. No special permissions. The simplest of the simplest with R/W to everyone

    The network resharing in connected from a Mac works flawlessly in both AFP and SMB. I can mount the Volume, read and write everything without issues.

    The network connection from a windows machine is causing me troubles.
    I can access the Volume with the user "share", and also map it regularly as network drive.
    I can see all the files
    I can access and create folders, and also delete folders (if empty)
    BUT
    I canNOT copy files inside the Xsan volume, nor copy them from the Xsan Volume to the Windows desktop.
    When i try toi copy a file, Ihe progression bar of the copy on windows appears, showing that he's copying, but always not moving, and generate files of 0kb. I do not receive any error message. It just stays there stuck. This happens in both way, copying into the Xsan volume, or copying from.
    No denied access, no errors at all.
    No firewall, no antivirus running, tested on Windows 7, 8 and 8.1 and different physical machines

    Same result connecting with Admin account 501

    The volume has been created twice to test this: tried both with Native Extended Attributes enabled or Disabled. Same problem.

    Also doing the settings described in this topic does not solve it

    Do you have any idea for this issues?

    One last thing: If i share a LOCAL folder (DAS),  i do not have any issues with that folder, and windows works perfectly

    I've always shared an Xsan volume on Windows, since OS Leopard 10.5, till Maverick 10.9.5 without issues, and now this.
    Could it be an OD problem?

    Thanks you very much for your time

  • by BlackF1re83,

    BlackF1re83 BlackF1re83 Jan 28, 2015 8:15 AM in response to BlackF1re83
    Level 1 (0 points)
    Jan 28, 2015 8:15 AM in response to BlackF1re83

    Partial Solution: SMB 1 protocol, works !!!

    I'll write it also here, to inform you.

     

    Today i've tried to force old versions of SMB protocol from the windows client

    using the commands described here (reboot the windows workstation to take effect):
    http://kb.bodhost.com/steps-to-enable-and-disable-smbv1-smbv2-and-smbv3-...

    I've forced the deactivation of SMB 2 and 3, leaving only SMB 1 active:

    Open the command line (as administrator) on the windows machine.

    To disable the SMBv2 and SMBv3 on the SMB client, use the below commands:

    sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi
    sc.exe config mrxsmb20 start= disabled

    Enable the SMBv1 on the SMB client with the below commands (if, for any reason, is not already running):

    sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
    sc.exe config mrxsmb10 start= auto

    In this mode, the smb share of the xsan volume works properly.
    No way instead with smb 2 and 3.

    Tested on both Windows 7 and 8, the good old SMB 1 is functioning.

    The incredible thing is this problem only affects Xsan volumes, while DAS volumes works properly in SMB 2 and 3 on windows.

    That's why i'm not so sure it may be only an SMB 3 share issue, but also something related to the OD.

    Maybe forcing the share to the old SMB 2, but i have no idea how to do this on Yosemite.

    I'll keep you posted on this.

    Meantime, i hope i've been of some help.

  • by eweiland,

    eweiland eweiland Jan 28, 2015 11:51 AM in response to flur
    Level 1 (0 points)
    Jan 28, 2015 11:51 AM in response to flur

    If you don't have admin control of your Windows PC, follow this link:

     

    NTLMv1 for SMB shares

     

    https://discussions.apple.com/thread/6754792

  • by idfubar,

    idfubar idfubar Jul 30, 2015 6:10 PM in response to rebelscum75
    Level 1 (0 points)
    Desktops
    Jul 30, 2015 6:10 PM in response to rebelscum75

    rebelscum75 wrote:

     

    Could you try (a) turn samba off and on again in sharing

    or (b) change the local security policy on your PC. (borrowed from here http://www.jimmah.com/vista/net/ntlm.aspx)

    1. Click Start
    2. Click Control Panel
    3. Click System and Maintenance
    4. Click Administrative Tools
    5. Double-Click Local Security Policy
    6. In the left pane, click the triangle next to Local Policy
    7. In the left pane, click Security Options
    8. In the right pane near the bottom, double-click "Network security: LAN manager authentication level"
    9. Click the drop-down box, and click "Send LM & NTLM - use NTLMv2 session security if negotiated"
    10. Click OK

     

    Can anyone confirm whether changing the suggested setting (given a default configuration) is sufficient to re-establish Windows file-sharing compatibility between Yosemite and Windows 7 clients?  My attempts to duplicate success by following the given procedure were not successful & the solution has been posted to more than one Apple Discussions thread.

     

    Although the subsequent responses suggest choosing 'Send NTLMv2 response only' (or, equivalently, manually setting the registry value to "3") it should be noted that (even if successful in solving the original incompatibility issue introduced with Yosemite and the default use of SMB3) in so doing compatibility with older Windows clients is affected; an equivalently limited solution would be force the Mac host to use SMB1/SMB2 as it did since OS X 10.5 (and as can be implemented with equal haste: NTLMv1 for SMB shares)...

     

    PS:  Given the history of Samba protocol transparency it seems... inconceivable... that Apple would have changed the default setting to forcing SMB3 only without affording some measure of compatibility to Windows clients such that a compatibility setting allowing for the most universal compatibility, i.e. protocol negotiation via use of SMB3-compatible settings (e.g. via "Send LM & NTLM - use NTLMv2 session security if negotiated"), would somehow not function; given the history of the Microsoft anti-trust saga and the ensuing period of "oversight" it seems doubly inconceivable that discounting Apple development competence would account for the same.

  • by obie_wan778,

    obie_wan778 obie_wan778 Oct 22, 2015 1:51 AM in response to s2000man1
    Level 1 (0 points)
    Oct 22, 2015 1:51 AM in response to s2000man1

    Just to bump this excellent thread for other desperate people. This helped me getting my windows machines to access my SMB shares on my mac running El Capitan as well, thanks a million!

  • by chin young,

    chin young chin young Apr 1, 2016 7:03 AM in response to s2000man1
    Level 1 (4 points)
    Apr 1, 2016 7:03 AM in response to s2000man1

    Can you believe your response has been saving the day until today?

     

    A million thanks!

     

    Chee

  • by MurffTurf,

    MurffTurf MurffTurf Jun 8, 2016 9:41 AM in response to flur
    Level 1 (4 points)
    Jun 8, 2016 9:41 AM in response to flur

    Again this worked for me after a few frustrating days of looking for a solution! I had some trouble after upgrading to Yosemite but I got it working I think just by stopping and restarting Open Directory (even though I had read I shouldn't need that any longer). But after upgrading to El Capitan my Windows 7 computers stopped connecting to the Mac shares again. I tried stopping and restarting OD but no effect this time. I finally found this thread and changing the Windows Local Security policy to only send NTLMv2 worked! Thank you thank you thank you!!! And now I have turned OD off and it the everything still seems to be working.

  • by flalathrop,

    flalathrop flalathrop Sep 13, 2016 3:24 PM in response to flur
    Level 1 (4 points)
    Sep 13, 2016 3:24 PM in response to flur

    Clap Clap

    Tim Shouse

     

    Thanks so much!!

Previous Page 2