Scanning to an OMV share was previously working on OMV v4.0 but now it fails. The last successful scan was April 30th, 2018. Does OMV still support SMB v1 for CIF/SMB Shares?
Current Version: OMV 4.1.27-1 (up to date)
Scanning to an OMV share was previously working on OMV v4.0 but now it fails. The last successful scan was April 30th, 2018. Does OMV still support SMB v1 for CIF/SMB Shares?
Current Version: OMV 4.1.27-1 (up to date)
An SMB share on Windows 10 with SMBv1 enabled has been setup for the interim. It is working properly w/o any issues. I would prefer to scan to the OMV NAS, as that is the centralized file server.
The following actions have been performed to troubleshoot:
OMV NAS has been restarted.
Credentials were tested by accessing with Windows file explorer; creds were even reapplied to be sure.
MFP printer was restarted and unplugged.
IP address of host was used.
Created a new test share with no permissions.
I have been fairly thorough and nothing is working. I work in IT so I know the tricks on the printer side of things to get it working but still no luck.
Does OMV still support SMB v1 for CIF/SMB Shares?
Yes, but it is disabled now for security reasons. Check with CLI> testparm in the [global] section, what your samba settings are. There are several threads in the forum how to enable SMB1 protocol.
testparm does not show output the global or individual share SMB version. I already had tried adding 'client max protocol = SMB1' to Extra Options on the share but that did not work.
I was hoping for an answer on how to configure the Extra Options field of the individual share to get it working. I will review the smb.conf and how to configure it. Once I have that figured out, then i will try using the Extra Options field in the GUI.
testparm does not show output the global or individual share SMB version
Try testparm -s -v | grep protocol
Have you tried ntlm auth = ntlmv1-permitted or client min protocol = NT1?
Have you tried ntlm auth = ntlmv1-permitted or client min protocol = NT1?
As @macon already wrote client min protocol = NT1 enables SMB1 protocol in Samba. The ntlm auth =... line may also be necessary.
Don´t add it to an individual share setting. Add it to the global settings of SMB/CIFS. Don´t edit smb.conf directly.
Saw the NT1 and NTLM syntax when I did some research. Have not tried applying those yet.
I was trying SMB1 which I now realize is incorrect syntax. NT1 is the correct syntax for SMB1.
I will try editing the smb.conf file when I get home. I cracked it open in Nano before work but ran out of time.
Thanks for the grep! That will help. I am not usually navigating Linux, so I forgot about the power of GREP!
*******************************************
Do you know if I can modify the SMB for an individual share, or does it have to be global?
This is only a scan folder so I don't care too much about security on this one folder. I know that SMB1 has been deprecated because crypto malware can traverse SMB1 shares and infect everything. I would like to avoid SMB on the main share to keep it secure and protected. And yes, I do back up everything to cloud but still would like to practice best security.
Thanks for the input and assistance. I will post results when I play with it again tonight.
I will try editing the smb.conf file when I get home.
No, you shouldn´t do this. Your changes may be overwritten by the OMV WebUI, when you change other SMB/CIFS settings later.
Do you know if I can modify the SMB for an individual share, or does it have to be global?
I don´t know this. I would propose to try it first with a global setting. If it works you can switch to a share related setting and make a second try.
Instructional for configuring SMB1
It is working now with the following steps detailed below.
*******************************
STEP 1: Reviewed configuration using CLI
Command 1:
testparm -s -v | grep protocol
Output 1:
client ipc max protocol = default
client ipc min protocol = default
client max protocol = default
client min protocol = CORE
server max protocol = SMB3
server min protocol = LANMAN1
Command 2:
testparm -s -v | grep ntlm
Output 2:
ntlm auth = No
*******************************
Step 2: Modified the configuration under SMB/CIFS> Settings> Extra Options
client min protocol = NT1
ntlm auth = yes
Misstep:
I originally tried SMB/CIFS> Shares> Edit Share> Extra Option.
I was thinking the setting could be modified per share but I was wrong.
Enabling SMB1 must be a global setting.
The system would not accept the ntlm auth = ntlmv1-permitted config change in Extra Options. This was not required.
RESOLUTION:
Scan to folder is working properly now. Thank you for the assistance!
I have daily cloud backups so I am not super concerned about security (aka crypto). A future side project might be a Tunrkey Linux VM (small footprint) to exclusively for a scan folder then I can revert these changes on my main NAS.
Open Source Support has been great, as always! Thanks again so very much!
No problem for the guide. It is a token of appreciation for the always great assistance from the community. Also sure this will continue to be a question so it will save some time in the future.
Registered just to say Thanks, this saved me. Couldn't get my Zappiti or WDTV or Zidoo to log onto shares without it.
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!