After upgrading to 11.2 beta 2 SMB works only with NTLMv3

Not open for further replies.


Dec 10, 2014
Hi 2gether

SMB worked fine with FreeNAS 11.2 beta. After I've upgraded to FreeNAS 11.2 beta 2 SMB only works on NTLMv3. For my Ubuntu clients it is ok, I could specify "vers=3.0" in fstab and got it back to working state.

But I've got also two "old" Ricoh Copier/Scanning Machines (MP C2800/3300 and MP C5000). Those machines only support NTLMv1. After a firmware upgrade I could get them to work with NTLMv2, but not NTLMv3 - no way as I've read on the net.

I can't connect with Ubuntu Nautilus neither. I'm getting the error: org.gtk.vfs.Daemon[1636]: ** (gvfsd:1679): WARNING **: dbus_mount_reply: Error from org.gtk.vfs.Mountable.mount(): Failed to retrieve share list from server: Connection refused

If I check the box "NTLMv1 Auth" under Services -> SMB it doesn't work neither anymore (this still worked in the FreeNAS 11.2 beta 1 even though it's unsecure it was a workaround for getting the "old" copier machines to work with smb; so I prefer to update them and getting to work with NTLMv2).

But NTLMv2 should at least work? Where could be the problem that only NTLMv3 works?

My smb4.conf looks in the interesting part like this:

	server min protocol = SMB2
	server max protocol = SMB3
	encrypt passwords = yes
	dns proxy = no
	strict locking = no
	oplocks = yes
	deadtime = 15
	max log size = 51200
	max open files = 468812
	logging = file
	load printers = no
	printing = bsd
	printcap name = /dev/null
	disable spoolss = yes
	getwd cache = yes
	guest account = nobody
	map to guest = Bad User
	obey pam restrictions = yes
	ntlm auth = yes
	directory name cache size = 0
	kernel change notify = no
	panic action = /usr/local/libexec/samba/samba-backtrace
	nsupdate command = /usr/local/bin/samba-nsupdate -g
	server string = Server1
	ea support = yes
	store dos attributes = yes
	lm announce = yes
	hostname lookups = yes
	time server = yes
	acl allow execute always = true
	dos filemode = yes
	multicast dns register = yes
	domain logons = no
	local master = yes
	idmap config *: backend = tdb
	idmap config *: range = 90000001-100000000
	server role = standalone
	netbios name = SERVER1
	workgroup = WORKGROUP
	security = user
	create mask = 0666
	directory mask = 0777
	client ntlmv2 auth = no
	dos charset = CP437
	unix charset = UTF-8
	log level = 1

Thanks so much for your appreciated help!


Dec 10, 2014
Thanks for your help and the workaround. One question left: NTLMv2 should still work without this workaround? It seems after the upgrade to the 11.2 beta2 only NTLMv3 works. I've managed to switch my copy/scanner-machines to work with NTLMv2 but it still doesn't work. I also assume NTLMv2 is not working as I can't connect to a smb-share over Nautilus (Ubuntu 16.04). May there also be a problem with NTLMv2 in 11.2 beta 2?


Jan 17, 2018
Would the syntax to the tunable be the entire string?

Variable: ""
Value: "NT1"

Also, is this just a bug, or is this expected behavior in this release. Having trouble setting vers=3.0 in some clients.


Dec 10, 2014
Yes, I can confirm it is working like that. Choose as Type "Sysctl", hit checkbox "Enabled" and restart SMB or your server. After that, NTLMv1 is working permanently. Still I'm not sure, if NTLMv2 is working again too.
Not open for further replies.