dlandon Posted September 25, 2022 Share Posted September 25, 2022 Are you using AD? Quote Link to comment
dlandon Posted September 25, 2022 Share Posted September 25, 2022 It appears this might be from clients on a domain accessing Unraid that is not part of the domain. Quote Link to comment
Uplinkpro Posted September 25, 2022 Author Share Posted September 25, 2022 4 hours ago, dlandon said: Are you using AD? I used to run a domain however i decommissioned the AD and only run a homegroup now. Quote Link to comment
Uplinkpro Posted September 26, 2022 Author Share Posted September 26, 2022 17 hours ago, dlandon said: It appears this might be from clients on a domain accessing Unraid that is not part of the domain. So playing with it all day i got it working on a new pc also on the network just not mine, so i think it has to be something on my windows machine but checking the workgroup is not on a domain so im not sure what else to do on it. Quote Link to comment
MAM59 Posted September 26, 2022 Share Posted September 26, 2022 My current assumption is that one or more GPOs on windows prevent the communication due to security restrictions. But there are dozens of them, and it takes always an hour or more just to try out one of them. This can take ages.... 1 Quote Link to comment
Steffen1156 Posted September 28, 2022 Share Posted September 28, 2022 On 9/26/2022 at 6:48 AM, MAM59 said: My current assumption is that one or more GPOs on windows prevent the communication due to security restrictions. But there are dozens of them, and it takes always an hour or more just to try out one of them. This can take ages.... Hi, I had the same problem as described at the beginning. Edit my local GPO settings have solved the problem for me. In Unraid 6.11 NTLMv1 was disabled, in connection with the new Linux kernel. But this was still stored as default authentication in the local GPOs of my computer. Open your local GPOs and Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options. I have set it to "Send NTLMv2 response only" Description to find the Setting: https://kb.iu.edu/d/atcb Level Overview by Microsoft: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852207(v=ws.11)?redirectedfrom=MSDN Quote Link to comment
MAM59 Posted September 28, 2022 Share Posted September 28, 2022 1 minute ago, Steffen1156 said: I have set it to "Send NTLMv2 response only" Lucky you are.. Here it was als NTLMv2 for years already, No V1 installed anymore. Also V1 used port 139 whereas V2 (and newer) use port 445. But the effect vanished here too after 2 days of fiddling. mayby there was a formerly valid access token stored somewhere that needed to timeout to become invalid? Anyway, after about 3 days the mist lifted and everything worked again. Still strange... Quote Link to comment
Uplinkpro Posted September 28, 2022 Author Share Posted September 28, 2022 (edited) 38 minutes ago, Steffen1156 said: Hi, I had the same problem as described at the beginning. Edit my local GPO settings have solved the problem for me. In Unraid 6.11 NTLMv1 was disabled, in connection with the new Linux kernel. But this was still stored as default authentication in the local GPOs of my computer. Open your local GPOs and Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options. I have set it to "Send NTLMv2 response only" Description to find the Setting: https://kb.iu.edu/d/atcb Level Overview by Microsoft: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852207(v=ws.11)?redirectedfrom=MSDN Changed that, and immediately was able to login, thanks I was about to reinstall windows >.< Scratch that it worked once then stopped completely again Edited September 28, 2022 by Uplinkpro Quote Link to comment
D.Romeleitis Posted September 30, 2022 Share Posted September 30, 2022 On 9/28/2022 at 9:57 PM, Steffen1156 said: Hi, I had the same problem as described at the beginning. Edit my local GPO settings have solved the problem for me. In Unraid 6.11 NTLMv1 was disabled, in connection with the new Linux kernel. But this was still stored as default authentication in the local GPOs of my computer. Open your local GPOs and Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options. I have set it to "Send NTLMv2 response only" Description to find the Setting: https://kb.iu.edu/d/atcb Level Overview by Microsoft: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852207(v=ws.11)?redirectedfrom=MSDN That didn't work for me. Still can't connect. I have the same problem with Android mobile in Total Commander. And there is SMB2 or SMB3 selected... Quote Link to comment
limetech Posted October 4, 2022 Share Posted October 4, 2022 Add this to "Settings/SMB/SMB Extras/Samba extra configuration" ntlm auth = Yes Please report back if this solves connectivity issues. 2 Quote Link to comment
Uplinkpro Posted October 5, 2022 Author Share Posted October 5, 2022 1 hour ago, limetech said: Add this to "Settings/SMB/SMB Extras/Samba extra configuration" ntlm auth = Yes Please report back if this solves connectivity issues. Im not able to test that sorry, I fully reinstalled windows 11 and now it works just fine. Hopefully that fix helps someone. 1 Quote Link to comment
limetech Posted October 5, 2022 Share Posted October 5, 2022 1 minute ago, Uplinkpro said: Im not able to test that sorry, I fully reinstalled windows 11 and now it works just fine. Hopefully that fix helps someone. Probably win11 comes configured out of the box to not support NTLMv1 which is insecure. Quote Link to comment
Frank1940 Posted October 5, 2022 Share Posted October 5, 2022 2 minutes ago, limetech said: Probably win11 comes configured out of the box to not support NTLMv1 which is insecure. Absolutely True! It can be turned on in Win10 but not sure if this is the case with Win11. Quote Link to comment
Bodzio0 Posted November 12, 2022 Share Posted November 12, 2022 On 10/5/2022 at 12:55 AM, limetech said: Add this to "Settings/SMB/SMB Extras/Samba extra configuration" ntlm auth = Yes Please report back if this solves connectivity issues. Worked for me! THX! I can now access shares on windows 10 and android Quote Link to comment
takkkkkkk Posted November 13, 2022 Share Posted November 13, 2022 On 10/4/2022 at 7:55 PM, limetech said: Add this to "Settings/SMB/SMB Extras/Samba extra configuration" ntlm auth = Yes Please report back if this solves connectivity issues. Thank you for this! it solved my problem! Quote Link to comment
Shane01638 Posted November 13, 2022 Share Posted November 13, 2022 (edited) I haven't been able to try ntlm auth = Yes yet as too many people streaming. Plex is working so no one is complaining except blue iris as it can't move files. I cannot access any shares from any windows pc or my iPhone. Thought I would drop my diag. Edit: ntlm auth = Yes fixed my issues. I can now access all unraid shares from windows and my iPhone as before. zunraid-diagnostics-20221112-1833.zip Edited November 13, 2022 by Shane01638 Quote Link to comment
jenga201 Posted November 15, 2022 Share Posted November 15, 2022 I'm having this same issue with the 6.11.3 upgrade. I'm not using AD. I've set "ntlm auth = Yes" in SMB Extras and set the network security GPO to NTLMv2 only (and combinations of either/or). Are there any other diagnostics or solutions I could do to fix this issue? Quote Link to comment
dlandon Posted November 15, 2022 Share Posted November 15, 2022 26 minutes ago, jenga201 said: I'm having this same issue with the 6.11.3 upgrade. I'm not using AD. I've set "ntlm auth = Yes" in SMB Extras and set the network security GPO to NTLMv2 only (and combinations of either/or). Are there any other diagnostics or solutions I could do to fix this issue? Post your diagnostics file. Quote Link to comment
jenga201 Posted November 15, 2022 Share Posted November 15, 2022 44 minutes ago, dlandon said: Post your diagnostics file. beast-diagnostics-20221115-1655.zip Here you go. Thanks for taking a look Quote Link to comment
dlandon Posted November 16, 2022 Share Posted November 16, 2022 Why are you using thep ip address to referecne the server? Use the name and see if that works. It looks like all your shares are set up public. Is that what you intended? Quote Link to comment
jenga201 Posted November 16, 2022 Share Posted November 16, 2022 3 minutes ago, dlandon said: Why are you using thep ip address to referecne the server? Use the name and see if that works. It looks like all your shares are set up public. Is that what you intended? I wasn't aware accessing the shares using the IP was a problem. None of my shares are public. I can resolve the server name, but cannot access it through windows file explorer. It's the same error using the name or ip. As a side note, I've had this share configuration for probably 10 years without any issues. Quote Link to comment
dlandon Posted November 16, 2022 Share Posted November 16, 2022 What happens if you downgrade? Quote Link to comment
Frank1940 Posted November 16, 2022 Share Posted November 16, 2022 Microsoft has changed the default and Windows 10/11 now refuse to connect to a server as a 'Guest'. IF you insist on using a Guest login, I would suggest that you got to the first post in this thread and download the PDF file in that post. Then read pages 15 and 16 about how to change that behavior. https://forums.unraid.net/topic/110580-security-is-not-a-dirty-word-unraid-windows-10-smb-setup/ Quote Link to comment
jenga201 Posted November 18, 2022 Share Posted November 18, 2022 My issue was due to a PIA update to their 'Split Tunnel' feature. I added in an explicit rule to bypass the vpn for my local network. Thanks for the help looking into this unrelated issue Quote Link to comment
madtom84 Posted November 30, 2022 Share Posted November 30, 2022 On 11/17/2022 at 9:36 PM, jenga201 said: My issue was due to a PIA update to their 'Split Tunnel' feature. I added in an explicit rule to bypass the vpn for my local network. Thanks for the help looking into this unrelated issue I'm also having this PIA update issue, how did you add that rule? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.