Cant access smb share on omv4?

  • Hi, i just did a reinstall from OMV3 to OMV4, and now i cant access my smb shares from windows. I just keep getting password prompts.


    This was a clean install, so i've just recreated the shares thorugh GUI. Now i cant figure out if this is an issue with smb or the fact that my shares are on a disk formatted on the old OMV 3 install... Or maybe ACL has gone wild..


    Any suggestions would be very welcome. I'm on the newest Windows version, but hadn't had any issues on omv3.

  • Please read this very useful guide from @flmaxey: HOW-TO-Browse-Connect-to-OMV-SMB-shares-with-Windows-10


    If your problem is ACL related, then there is a plugin where you can reset all access rights, but I can´t remember just now.

    OMV 3.0.100 (Gray style)

    ASRock Rack C2550D4I C0-stepping - 16GB ECC - 6x WD RED 3TB (ZFS 2x3 Striped RaidZ1) - Fractal Design Node 304 -

    3x WD80EMAZ Snapraid / MergerFS-pool via eSATA - 4-Bay ICYCube MB561U3S-4S with fan-mod

    • Offizieller Beitrag

    there is a plugin where you can reset all access rights, but I can´t remember just now.

    openmediavault-resetperms

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    If your problem is ACL related, then there is a plugin where you can reset all access rights, but I can´t remember just now.

    (For OMV4) The plugin is openmediavault-resetperms 3.3


    This was a clean install, so i've just recreated the shares thorugh GUI. Now i cant figure out if this is an issue with smb or the fact that my shares are on a disk formatted on the old OMV 3 install... Or maybe ACL has gone wild..

    You could reset the ACL with the plugin referenced above, set "Others" to read/write, and go from there.


    If you had users defined in OMV3, with ACL's that gave them access to your shares, you'll need to recreate those users in OMV4 and reestablish their permissions to your existing shares.

  • Thank you for ur reply's. I've manually reset the ACL in gui to root+groups read/write, and others read.


    I think i figured it out though. It has something to do with Samba NTLM authentication. The new samba has the following defaults:


    NTLMv1 authentication disabled by default-----------------------------------------
    In order to improve security we have changedthe default value for the "ntlm auth" option from"yes" to "no".
    This may have impact on very oldclients which doesn't support NTLMv2 yet.
    The primary user of NTLMv1 is MSCHAPv2 for VPNs and 802.1x.By default,
    Samba will only allow NTLMv2 via NTLMSSP now,as we have the following default "lanman auth = no","ntlm auth = no" and "raw NTLMv2 auth = no".


    What i dont understand is why a Windows 10 machine wont use ntlmv2 auth, anybody have a clue why this is happening..?

    • Offizieller Beitrag

    Thanks for the note on the newer Samba version (and NTLMv2) in OMV4.

    What i dont understand is why a Windows 10 machine wont use ntlmv2 auth, anybody have a clue why this is happening..?

    Yes, it's called "Microsoft Syndrome". They march to the beat of their own drum, without informing anyone of what they're doing or weighting out potential consequences. Usually their choices are detrimental to all concerned external parties and sometimes even to themselves. They like to call it "Leadership", but I can think of a few other terms that would be more accurate.


    While it's speculation on my part, I believe some of these increasing incompatibilities in Windows 10, to include backward compatibility to older Windows clients and servers, is an attempt to "herd" existing Windows users onto their unified Win10 platform, as previous versions are purged (they call it sun-setting). They'll be careful and calculating as they do this because they won't want to (excessively) anger their business clients.


    (Umm, sorry about the rant... :) )

    • Offizieller Beitrag

    If you haven't found a fix yet, take a look at this. Force NTLM v1 and v2 in Win10, 8, 7. As I understand it, Microsoft Kerberos is now Microsoft's preferred security choice (of course) for network authentication so the negotiation starts there. While it's speculation, in your case, I'm guessing the negotiation didn't drop back to NTLMv2.


    In any case, for small and medium LAN operations, NTLMv1 (NT4 era servers) and NTLMv2 (Server 2K and newer) negotiated connections are fine.


    I haven't upgraded to OMV4 yet but when I do, I'd have no problem with changing Win10 to accept NTLMv1 and v2 by default.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!