FreeNAS 9.10.2 STABLE U2 (e1497f2) CIFS mount from fstab no longer working

Status
Not open for further replies.
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
A few quick points regarding NTLMv1 vs NTLMv2:
  • NTLMv1 is utter crap. Horrifically insecure. Don't use it in a business environment.
  • MS claims windows is supposed to automatically negotiate the highest supported protocol, but I have heard this is a lie. Windows does what it bloody well pleases. Disable LM and NTLMv1 on clients to prevent auto-negotiation stupidity.
  • I believe samba stores the same password hash for NLTMv1 and NTLMv2. The key difference is how the challenge-response is calculated.

If NTLMv1 works, but NTLMv2 doesn't try the following:
  • Disable LM and NTLMv1 on client
  • Verify that Netbios name, workgroup, hostname are set correctly and consistently.
  • Authenticate using UPN <netbios name of server>\<UserName>. I.e. for user "bob" on "freenas" freenas\bob
  • From samba-technical - "The primary use of NTLMv1 is MSCHAPv2 for VPNs and 802.1X. For example, PEAP/MSCHAPv2 for wireless network or VPN authentication with RADIUS will need this option enabled."
I personally think it's less of a security risk in a business environment to have a "guest" share that the MFC can write to than globally enabling NTLMv1.
 
Last edited:
M

MindBender

Explorer
Joined
Oct 12, 2015
Messages
67
Unfortunately, the Sonos sound system still doesn't support NTLMv1. Mine started giving me Access Denied errors whenever I wanted to play anything. However, testing the same credentials on different workstations worked fine.

Enabling LM as discussed here, got my Sonos' working again.
ntlm_auth.png
 
Johnny Fartpants

Johnny Fartpants

Guru
Joined
Jul 3, 2015
Messages
926
Grewterd said:
Just updated to FreeNAS 9.10.2 STABLE U2 (e1497f2), after reboot, my Ubuntu clients will no longer mount CIFS shares in fstab, getting mount error(13): permission denied.

My fstab line is:

//servername/sharename /path/tomountto cifs credentials=pathtocredfile,_netdev,rw,user,sec=ntlm,uid=1000,auto 0 0

Credentials file:

username=username
password=password
domain=domain

Trying manually from command line gets same error:

sudo mount -v -t cifs //servername/sharename /path/tomountto -o credentials=pathtocredfile,_netdev,rw,user,uid=1000,auto,sec=ntlm

Removing sec=ntlm resolves the issue. I tried all the other sec=ntlm* arguments, same thing.

Just wondering if something changed to cause this, if it's just me, etc. Thanks.
Click to expand...
I had the same issue after updating yesterday but my issue was with SMB1. I had to add the option vers=3.0 into my fstab and all was fine.
 
Status
Not open for further replies.

Similar threads

melloa
  • Locked
Update to FreeNAS-9.10.2-U2 broke SMB permissions
2
Replies
37
Views
11K
guruNC
G
S
  • Locked
Mounting CIFS w/ SMB3 to fstab
Replies
2
Views
10K
Stryf
S
M
SOLVED Mounting SMB with Ubuntu: mount error(95)
Replies
3
Views
63K
Justcreatedanaccoun
J
L
fstab mount error
Replies
2
Views
908
leksand
L
nanopete
  • Locked
Mount samba/SMB/CIFS persistently through fstab
Replies
11
Views
36K
pizzaazzip
pizzaazzip
Top