Cant access smb share on omv4?

    • OMV 4.x
    • Cant access smb share on omv4?

      Hi, i just did a reinstall from OMV3 to OMV4, and now i cant access my smb shares from windows. I just keep getting password prompts.

      This was a clean install, so i've just recreated the shares thorugh GUI. Now i cant figure out if this is an issue with smb or the fact that my shares are on a disk formatted on the old OMV 3 install... Or maybe ACL has gone wild..

      Any suggestions would be very welcome. I'm on the newest Windows version, but hadn't had any issues on omv3.
    • cabrio_leo wrote:

      there is a plugin where you can reset all access rights, but I can´t remember just now.
      openmediavault-resetperms
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • cabrio_leo wrote:

      If your problem is ACL related, then there is a plugin where you can reset all access rights, but I can´t remember just now.
      (For OMV4) The plugin is openmediavault-resetperms 3.3

      Best74 wrote:

      This was a clean install, so i've just recreated the shares thorugh GUI. Now i cant figure out if this is an issue with smb or the fact that my shares are on a disk formatted on the old OMV 3 install... Or maybe ACL has gone wild..
      You could reset the ACL with the plugin referenced above, set "Others" to read/write, and go from there.

      If you had users defined in OMV3, with ACL's that gave them access to your shares, you'll need to recreate those users in OMV4 and reestablish their permissions to your existing shares.

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk
    • Thank you for ur reply's. I've manually reset the ACL in gui to root+groups read/write, and others read.

      I think i figured it out though. It has something to do with Samba NTLM authentication. The new samba has the following defaults:

      NTLMv1 authentication disabled by default-----------------------------------------
      In order to improve security we have changedthe default value for the "ntlm auth" option from"yes" to "no".
      This may have impact on very oldclients which doesn't support NTLMv2 yet.
      The primary user of NTLMv1 is MSCHAPv2 for VPNs and 802.1x.By default,
      Samba will only allow NTLMv2 via NTLMSSP now,as we have the following default "lanman auth = no","ntlm auth = no" and "raw NTLMv2 auth = no".

      What i dont understand is why a Windows 10 machine wont use ntlmv2 auth, anybody have a clue why this is happening..?

      The post was edited 1 time, last by Best74 ().

    • Thanks for the note on the newer Samba version (and NTLMv2) in OMV4.

      Best74 wrote:

      What i dont understand is why a Windows 10 machine wont use ntlmv2 auth, anybody have a clue why this is happening..?
      Yes, it's called "Microsoft Syndrome". They march to the beat of their own drum, without informing anyone of what they're doing or weighting out potential consequences. Usually their choices are detrimental to all concerned external parties and sometimes even to themselves. They like to call it "Leadership", but I can think of a few other terms that would be more accurate.

      While it's speculation on my part, I believe some of these increasing incompatibilities in Windows 10, to include backward compatibility to older Windows clients and servers, is an attempt to "herd" existing Windows users onto their unified Win10 platform, as previous versions are purged (they call it sun-setting). They'll be careful and calculating as they do this because they won't want to (excessively) anger their business clients.

      (Umm, sorry about the rant... :) )

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk

      The post was edited 1 time, last by flmaxey: edit ().

    • If you haven't found a fix yet, take a look at this. Force NTLM v1 and v2 in Win10, 8, 7. As I understand it, Microsoft Kerberos is now Microsoft's preferred security choice (of course) for network authentication so the negotiation starts there. While it's speculation, in your case, I'm guessing the negotiation didn't drop back to NTLMv2.

      In any case, for small and medium LAN operations, NTLMv1 (NT4 era servers) and NTLMv2 (Server 2K and newer) negotiated connections are fine.

      I haven't upgraded to OMV4 yet but when I do, I'd have no problem with changing Win10 to accept NTLMv1 and v2 by default.

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      Backup: OMV 4.1.13, Intel Server SC5650HCBRP, 6GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      2nd Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk