After 6.11 No longer can access SMB via Network

Uplinkpro

By Uplinkpro
in General Support

Recommended Posts

  • Replies 50
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

limetech
limetech

Add this to "Settings/SMB/SMB Extras/Samba extra configuration"   ntlm auth = Yes   Please report back if this solves connectivity issues.

MAM59
MAM59

My current assumption is that one or more GPOs on windows prevent the communication due to security restrictions. But there are dozens of them, and it takes always an hour or more just to try out one

Uplinkpro
Uplinkpro

Im not able to test that sorry, I fully reinstalled windows 11 and now it works just fine. Hopefully that fix helps someone.

Posted Images

Uplinkpro Noob

Uplinkpro

Posted
  • Author
Posted
17 hours ago, dlandon said:

It appears this might be from clients on a domain accessing Unraid that is not part of the domain.


So playing with it all day i got it working on a new pc also on the network just not mine, so i think it has to be something on my windows machine but checking the workgroup is not on a domain so im not sure what else to do on it.

Link to comment
Steffen1156 Noob

Steffen1156

Posted
Posted
On 9/26/2022 at 6:48 AM, MAM59 said:

My current assumption is that one or more GPOs on windows prevent the communication due to security restrictions. But there are dozens of them, and it takes always an hour or more just to try out one of them. This can take ages....

 

 

Hi, 

I had the same problem as described at the beginning. 

image.png.1368b51f4112990bd3c356cb3998bfa4.png

 

Edit my local GPO settings have solved the problem for me. 
In Unraid 6.11 NTLMv1 was disabled, in connection with the new Linux kernel. But this was still stored as default authentication in the local GPOs of my computer.

 

Open your local GPOs and Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options.

I have set it to "Send NTLMv2 response only"

 

Description to find the Setting: https://kb.iu.edu/d/atcb

Level Overview by Microsoft: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852207(v=ws.11)?redirectedfrom=MSDN

 

Link to comment
MAM59 Collaborator

MAM59

Posted
Posted
1 minute ago, Steffen1156 said:

I have set it to "Send NTLMv2 response only"

Lucky you are.. Here it was als NTLMv2 for years already, No V1 installed anymore. Also V1 used port 139 whereas V2 (and newer) use port 445.

 

But the effect vanished here too after 2 days of fiddling. mayby there was a formerly valid access token stored somewhere that needed to timeout to become invalid?

Anyway, after about 3 days the mist lifted and everything worked again.

Still strange...

 

Link to comment
Uplinkpro Noob

Uplinkpro

Posted
  • Author
Posted (edited)
38 minutes ago, Steffen1156 said:

 

Hi, 

I had the same problem as described at the beginning. 

image.png.1368b51f4112990bd3c356cb3998bfa4.png

 

Edit my local GPO settings have solved the problem for me. 
In Unraid 6.11 NTLMv1 was disabled, in connection with the new Linux kernel. But this was still stored as default authentication in the local GPOs of my computer.

 

Open your local GPOs and Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options.

I have set it to "Send NTLMv2 response only"

 

Description to find the Setting: https://kb.iu.edu/d/atcb

Level Overview by Microsoft: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852207(v=ws.11)?redirectedfrom=MSDN

 

 

Changed that, and immediately was able to login, thanks I was about to reinstall windows >.<

Scratch that it worked once then stopped completely again

Edited by Uplinkpro
Link to comment
D.Romeleitis Rookie

D.Romeleitis

Posted
Posted
On 9/28/2022 at 9:57 PM, Steffen1156 said:

 

Hi, 

I had the same problem as described at the beginning. 

image.png.1368b51f4112990bd3c356cb3998bfa4.png

 

Edit my local GPO settings have solved the problem for me. 
In Unraid 6.11 NTLMv1 was disabled, in connection with the new Linux kernel. But this was still stored as default authentication in the local GPOs of my computer.

 

Open your local GPOs and Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options.

I have set it to "Send NTLMv2 response only"

 

Description to find the Setting: https://kb.iu.edu/d/atcb

Level Overview by Microsoft: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852207(v=ws.11)?redirectedfrom=MSDN

 

 

That didn't work for me. Still can't connect. I have the same problem with Android mobile in Total Commander. And there is SMB2 or SMB3 selected... 

Link to comment
Uplinkpro Noob

Uplinkpro

Posted
  • Author
Posted
1 hour ago, limetech said:

Add this to "Settings/SMB/SMB Extras/Samba extra configuration"

 

ntlm auth = Yes

 

Please report back if this solves connectivity issues.


Im not able to test that sorry, I fully reinstalled windows 11 and now it works just fine. Hopefully that fix helps someone.

  • Upvote 1
Link to comment
  • 1 month later...
Shane01638 Noob

Shane01638

Posted
Posted (edited)

I haven't been able to try ntlm auth = Yes yet as too many people streaming.  Plex is working so no one is complaining except blue iris as it can't move files.  I cannot access any shares from any windows pc or my iPhone.  Thought I would drop my diag.

 

Edit: 

ntlm auth = Yes

fixed my issues.  I can now access all unraid shares from windows and my iPhone as before.

 

zunraid-diagnostics-20221112-1833.zip

Edited by Shane01638
Link to comment
jenga201 Rookie

jenga201

Posted
Posted
3 minutes ago, dlandon said:

Why are you using thep ip address to referecne the server?  Use the name and see if that works.

 

It looks like all your shares are set up public.  Is that what you intended?

I wasn't aware accessing the shares using the IP was a problem.

 

None of my shares are public.

image.thumb.png.87de3d41a1b85f9cb372211913f0fac0.png

 

I can resolve the server name, but cannot access it through windows file explorer.  It's the same error using the name or ip.

image.thumb.png.2359d52d2ddd44d7ad864c613b78484f.png

 

As a side note, I've had this share configuration for probably 10 years without any issues.

Link to comment
Frank1940 Veteran

Frank1940

Posted
Posted

Microsoft has changed the default and Windows 10/11 now refuse to connect to a server as a 'Guest'.  IF you insist on using a Guest login, I would suggest that you got to the first post in this thread and download the PDF file in that post.  Then read pages 15 and 16 about how to change that behavior. 

 

    https://forums.unraid.net/topic/110580-security-is-not-a-dirty-word-unraid-windows-10-smb-setup/

 

Link to comment
  • 2 weeks later...
madtom84 Noob

madtom84

Posted
Posted
On 11/17/2022 at 9:36 PM, jenga201 said:

My issue was due to a PIA update to their 'Split Tunnel' feature.

 

I added in an explicit rule to bypass the vpn for my local network.

 

Thanks for the help looking into this unrelated issue :)

 

I'm also having this PIA update issue, how did you add that rule?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing