Windows computers can not access smb-shares in Lion

*Comment Deleted*

We are having the same issue. After SMB magically stopped working on Snow Leopard again, we tried going ahead with the Lion update, only to find that it has the same issue. Nothing can connect to the Lion server using AD accounts via SMB. Local accounts work via SMB. AD accounts can connect via WEBDAV and AFP. I thought that this would be resolved with Lion. I really don't know what their aversion to using the mainline Samba is. I have several Redhat servers that server SMB perfectly fine to AD accounts. If it wasn't for creator code issues, I would migrate all the data off of this server and shut it down for good.

@Vandy.

No, yours is a different issue. Similarity of symptons ≠ similar cause.

There's no indication whatsoever that the original poster's issue involves Active Directory,

whereas your issue does. Thus you're not having the "same" issue.
You might like to look into discussions of Lion & AD integration issues on the MacEnterprise mailing list as well.

And please: There's no "aversion" to using the current Samba (mainline ? what do you mean ?).
None. It is because of Samba's change to their licensing. It's just. not. up. to. Apple. alone. It's not.

They cannot unilaterally do whatever they want to please you or anyone else. Would that it were that simple, it's not. If you're a legal expert and want to convince Apple's highly knowledgeable and expert legal team that they're wrong, please feel free to pursue it, and offer to take up their legal defense when Samba goes after Apple for violating their current licensing terms.

See

https://discussions.apple.com/thread/3206725?answerId=15892224022#15892224022

Okay... I will open a new thread then.

I was able to get the SMB shares working on my new Lion Server. My Windows users are able to connect via their Open Directory accounts, using the fix by pkaplan2524 'SERVERNAME\user'.

I created the file share in the Server|Fire Share window.

For settings the only thing checked is the 'Share with Windows clients (SMB)' option.

Everything else is unchecked.

For the folder permissions I used the Storage tab from the Hardware server pane in Server app.

I could not connect using the Windows Map Network Drive Wizard, I did the following (I found it from someone somewhere so thank you whoever that was).

1. On the Windows Desktop right-click and click on New|Shortcut.

2. For the location used '\\servername' or '\\ip address' both worked, click Next

3. Name it if you want (I left it default) and click Finish.

4. Double-click on the new shortcut and it asked me for the user credentials. SERVERNAME\username

5. I am able to see all of the shares available to that user.

6. To map the drive to a drive letter, Right-click and choose 'Map network drive...'

7. Choose the drive letter and finish. (I did not check Connect using diffferent credentials'.

I also tried the regedit fix from mambro and the Kerberos chances by davidh but that did not work for me.

I hope that helps.

techgal, despite what is said here, Samba (released in L ansd SL) worked very nicely. I had to configure permissions in Win vista and 7. That seems to be the case because Microsoft networking is Microsoft's and they change it regularly. Samba kept up with Microsoft for years on Linux and Unix. Now with Lion, Apple will be playing catch-up with Microsoft. Their first attempt in Lion was pretty darn poor. The new utility to serve SMB files is called netbiosd. It seems to me that the other direction (Apple to windows using SMB) may work better but is very slow. That would be the mount_smbfs which is also a newly created samba replacement. I have worked for years in UNIX shop's doing these sorts of things and it is apparent that the Samba utility both client and server were taken lightly. You are speaking in this thread of the new Apple Netbiosd which responds to requests for files on the Apple server using the SMB protocol. Since LION changed from nmbd/smbd to Netbiosd, the complete file system services for Microsoft networking (SMB) has changed. I suggest you stay where you are until Apple will admit there is a problem and provide a more robust SMB implementation.

After several full Saturdays and Sundays chasing this down (and about 300 restarts), I have my Windows to Apple SMB Share connectivity issue narrowed down and worked around. This applies to OSx 10.7.0 and 10.7.1 on a MacMini (7/2011 Server w/SSD) with Shares under SMB, being connected to by Windows 7.

Basic Environment:

IF

1) you restart OSx and your Windows systems CANNOT connect because you get a prompt for userid/password or a not accessable message AND

2) after 2 or 3 minutes you can Start and Stop SMB Sharing with either Server.app (File Sharing) or Preferences/Sharing/File Sharing/Options/SMB on/off (individual IDs do _not_ have to be turned on / off) AND

3) the userid and password are exactly the same on both the client (Win7 or OSx) and the Sharing system AND

4) then Windows sytems can connect

Then the problem is a Race Condition in the Services Startup of OSx. The SMB service is dependent on some security process (guessing) which is completely late in the startup cycle.

You can test this with the following commands in a terminal window (AFTER the system is up and quiesced):

sleep 60

sudo serveradmin stop smb

sleep 5

sudo serveradmin start smb

After talking to Apple Enterprise Support to confirm the issue, I moved the above commands into a launchd script as a work around (this is NOT recommended unless you know what you're doing). Note the initial 60 second sleep - 30 seconds was not long enough. This has been filed with Apple Enginering, they'll figure out what to do about it going forward.

Part of my problem, is that I'm on a new MacMini (7/2011) which boots from local SSD, it just boots up too fast. If you're on a slower older system - this should not be an issue.

Some other things which I learned on this journey:

1) Do not use unload/load of the SMB plist - that does not work for this issue

2) OD accounts do not work. Wish they would, they dont

3) Hacking the windows registry with LanMan changes to support the previous Samba SMB release (10.6.x and lower) is NOT the problem with any 10.7 release. OSx 10.7 Supports SMB2, as does Vista and Win7.

Message was edited by: LostLib

hi,

i have an xtreamer mediaplayer and osx lion.

how can i configure my mac or xtreamer , so that i can stream again.

i used smb with snow leopard, but after upgrade to lion, the problem starts.

my xtreamer sees my mac, but continously asks for network id and password, even if i login as guest, which i always did in SL.

do you have any solutions?

i'm trying to solve this problem now for many weeks.

i hope you can and will help me.

greetings,

ernest.

I had the same problem after upgrade to lion:

Then I found in /Library/Preferences/SystemConfiguration/com.apple.smb.server.plist the NetBIOSName "lion". Not the ServerName. (After I used lion\userid instead of ServerName\userid I could logon, but it was not what I want).

With serveradmin I found the same:

sudo serveradmin settings smb

...

smb:NetBIOSName = "lion"

...

So I changed

sudo serveradmin setings smb:NetBIOSName = "ServerName"

No it works like before the upgrade to lion.

Hope this helps someone

hi ,

thanxx,

but what do you mean by netbiosname = servername?

hope you can explain me .

greetings ,

ernest.

Hi ernest

Yes - correct I should write:

sudo serveradmin setings smb:NetBIOSName = "<ServerName>"

I set the same Servername as I use in Computername etc. so it works fine for me.

@mambro

Your suggested registry tweak WORKED!

I've spent hours trying to find a solution. Thank you!

I have the same problem on my XTreaMer.

I log in with my user account I see the maps> but then I have to give a usr name and psw ? ?

are you sure that you are in the right thread? we are talking from windows connect to a mac with samba...

Hi LostLib,

Many thanks - you saved me from the madhouse.

Before stopping and starting SMB the messages in /private/var/log/krb5kdc/kdc.log invariably had been:

2011-10-10T16:57:56 digest-request: init request

2011-10-10T16:57:56 digest-request: init return domain: BUILTIN server: G-DATOR-S

2011-10-10T16:57:56 digest-request: uid=0

2011-10-10T16:57:56 digest-request: user=G-DATOR-S\\thomas

2011-10-10T16:57:56 NTLM domain not configured

2011-10-10T16:57:56 digest-request: kdc failed with 36150275 proto=unknown

2011-10-10T16:57:56 digest-request: guest failed with 22 proto=ntlmv1-with-v2-session

Then I tried it your way:

sudo serveradmin stop smb

wait a few seconds

sudo serveradmin start smb

Now I can connect, and the message is:

2011-10-10T17:15:59 digest-request: init request

2011-10-10T17:15:59 digest-request: init return domain: G-DATOR-S server: G-DATOR-S

2011-10-10T17:15:59 digest-request: uid=0

2011-10-10T17:15:59 digest-request: user=G-DATOR-S\\thomas

2011-10-10T17:15:59 digest-request kdc: ok user=G-DATOR-S\\thomas proto=ntlmv1 flags: NEG_KEYEX, ENC_128, NEG_VERSION, NEG_TARGET_INFO, NEG_NTLM2, NEG_ALWAYS_SIGN, NEG_NTLM, NEG_SIGN, NEG_TARGET, NEG_UNICODE

Amazing!

I'm running the Lion server in a VMware machine inside my MacBook Pro (SSD). I always thought that that's a slow combination, but from your words it follows that it's not sooo bad :-)

Following your advice, I created a launchd script:

sudo su -

cd /System/Library/LaunchDaemons

cat > com.gutzmann.restart_smb.plist <<@@EOF

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

<key>Label</key>

<string>com.gutzmann.restart_smb</string>

<key>ProgramArguments</key>

<array>

<string>/bin/bash</string>

<string>-c</string>

<string>sleep 60&#59;serveradmin stop smb&#59;sleep 5&#59;serveradmin start smb</string>

</array>

<key>RunAtLoad</key>

<true/>

</dict>

</plist>

@@EOF

launchctl load com.gutzmann.restart_smb.plist

Thank you very much again,

Thomas